1/*- 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 17 unchanged lines hidden (view full) --- 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95 31 */ 32 33#include <sys/cdefs.h> |
34__FBSDID("$FreeBSD: head/sys/netinet/raw_ip.c 188144 2009-02-05 14:06:09Z jamie $"); |
35 36#include "opt_inet6.h" 37#include "opt_ipsec.h" 38#include "opt_mac.h" 39 40#include <sys/param.h> 41#include <sys/jail.h> 42#include <sys/kernel.h> --- 228 unchanged lines hidden (view full) --- 271 /* XXX inp locking */ 272 if ((inp->inp_vflag & INP_IPV4) == 0) 273 continue; 274#endif 275 if (inp->inp_laddr.s_addr != ip->ip_dst.s_addr) 276 continue; 277 if (inp->inp_faddr.s_addr != ip->ip_src.s_addr) 278 continue; |
279 if (prison_check_ip4(inp->inp_cred, &ip->ip_dst) != 0) 280 continue; |
281 if (last != NULL) { 282 struct mbuf *n; 283 284 n = m_copy(m, 0, (int)M_COPYALL); 285 if (n != NULL) 286 (void) rip_append(last, ip, n, &ripsrc); 287 /* XXX count dropped packet */ 288 INP_RUNLOCK(last); --- 10 unchanged lines hidden (view full) --- 299 continue; 300#endif 301 if (inp->inp_laddr.s_addr && 302 inp->inp_laddr.s_addr != ip->ip_dst.s_addr) 303 continue; 304 if (inp->inp_faddr.s_addr && 305 inp->inp_faddr.s_addr != ip->ip_src.s_addr) 306 continue; |
307 if (prison_check_ip4(inp->inp_cred, &ip->ip_dst) != 0) 308 continue; |
309 if (last != NULL) { 310 struct mbuf *n; 311 312 n = m_copy(m, 0, (int)M_COPYALL); 313 if (n != NULL) 314 (void) rip_append(last, ip, n, &ripsrc); 315 /* XXX count dropped packet */ 316 INP_RUNLOCK(last); --- 44 unchanged lines hidden (view full) --- 361 ip = mtod(m, struct ip *); 362 ip->ip_tos = inp->inp_ip_tos; 363 if (inp->inp_flags & INP_DONTFRAG) 364 ip->ip_off = IP_DF; 365 else 366 ip->ip_off = 0; 367 ip->ip_p = inp->inp_ip_p; 368 ip->ip_len = m->m_pkthdr.len; |
369 ip->ip_src = inp->inp_laddr; 370 error = prison_get_ip4(inp->inp_cred, &ip->ip_src); 371 if (error != 0) { 372 INP_RUNLOCK(inp); 373 m_freem(m); 374 return (error); |
375 } 376 ip->ip_dst.s_addr = dst; 377 ip->ip_ttl = inp->inp_ip_ttl; 378 } else { 379 if (m->m_pkthdr.len > IP_MAXPACKET) { 380 m_freem(m); 381 return(EMSGSIZE); 382 } 383 INP_RLOCK(inp); 384 ip = mtod(m, struct ip *); |
385 error = prison_check_ip4(inp->inp_cred, &ip->ip_src); 386 if (error != 0) { |
387 INP_RUNLOCK(inp); 388 m_freem(m); |
389 return (error); |
390 } 391 392 /* 393 * Don't allow both user specified and setsockopt options, 394 * and don't allow packet length sizes that will crash. 395 */ 396 if (((ip->ip_hl != (sizeof (*ip) >> 2)) && inp->inp_options) 397 || (ip->ip_len > m->m_pkthdr.len) --- 395 unchanged lines hidden (view full) --- 793 794static int 795rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td) 796{ 797 INIT_VNET_NET(so->so_vnet); 798 INIT_VNET_INET(so->so_vnet); 799 struct sockaddr_in *addr = (struct sockaddr_in *)nam; 800 struct inpcb *inp; |
801 int error; |
802 803 if (nam->sa_len != sizeof(*addr)) 804 return (EINVAL); 805 |
806 error = prison_check_ip4(td->td_ucred, &addr->sin_addr); 807 if (error != 0) 808 return (error); |
809 810 if (TAILQ_EMPTY(&V_ifnet) || 811 (addr->sin_family != AF_INET && addr->sin_family != AF_IMPLINK) || 812 (addr->sin_addr.s_addr && 813 ifa_ifwithaddr((struct sockaddr *)addr) == 0)) 814 return (EADDRNOTAVAIL); 815 816 inp = sotoinpcb(so); --- 195 unchanged lines hidden --- |