Cross Reference: /freebsd-10.3-release/sys/netinet/sctp

Deleted Added

sdiff udiff text old ( 170140 ) new ( 170181 )

full compact

sctp_input.c (170140)	sctp_input.c (170181)
1/- 2 Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * a) Redistributions of source code must retain the above copyright notice, 8 * this list of conditions and the following disclaimer. --- 17 unchanged lines hidden (view full) --- 26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 28 * THE POSSIBILITY OF SUCH DAMAGE. 29 / 30 31/ $KAME: sctp_input.c,v 1.27 2005/03/06 16:04:17 itojun Exp $ */ 32 33#include <sys/cdefs.h>	1/- 2 Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * a) Redistributions of source code must retain the above copyright notice, 8 * this list of conditions and the following disclaimer. --- 17 unchanged lines hidden (view full) --- 26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 28 * THE POSSIBILITY OF SUCH DAMAGE. 29 / 30 31/ $KAME: sctp_input.c,v 1.27 2005/03/06 16:04:17 itojun Exp $ */ 32 33#include <sys/cdefs.h>
34__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 170140 2007-05-30 22:34:21Z rrs $");	34__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 170181 2007-06-01 11:19:54Z rrs $");
35 36#include <netinet/sctp_os.h> 37#include <netinet/sctp_var.h> 38#include <netinet/sctp_sysctl.h> 39#include <netinet/sctp_pcb.h> 40#include <netinet/sctp_header.h> 41#include <netinet/sctputil.h> 42#include <netinet/sctp_output.h> --- 30 unchanged lines hidden (view full) --- 73 } 74 } 75} 76 77/* INIT handler / 78static void 79sctp_handle_init(struct mbuf m, int iphlen, int offset, struct sctphdr sh, 80 struct sctp_init_chunk cp, struct sctp_inpcb inp, struct sctp_tcb stcb,	35 36#include <netinet/sctp_os.h> 37#include <netinet/sctp_var.h> 38#include <netinet/sctp_sysctl.h> 39#include <netinet/sctp_pcb.h> 40#include <netinet/sctp_header.h> 41#include <netinet/sctputil.h> 42#include <netinet/sctp_output.h> --- 30 unchanged lines hidden (view full) --- 73 } 74 } 75} 76 77/* INIT handler / 78static void 79sctp_handle_init(struct mbuf m, int iphlen, int offset, struct sctphdr sh, 80 struct sctp_init_chunk cp, struct sctp_inpcb inp, struct sctp_tcb stcb,
81 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id, 82 uint32_t table_id)	81 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id)
83{ 84 struct sctp_init init; 85 struct mbuf op_err; 86 uint32_t init_limit; 87 88 SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_init: handling INIT tcb:%p\n", 89 stcb); 90 op_err = NULL; 91 init = &cp->init; 92 /* First are we accepting? / 93 if ((inp->sctp_socket->so_qlimit == 0) && (stcb == NULL)) { 94 SCTPDBG(SCTP_DEBUG_INPUT2, 95 "sctp_handle_init: Abort, so_qlimit:%d\n", 96 inp->sctp_socket->so_qlimit); 97 / 98 * FIX ME ?? What about TCP model and we have a 99 * match/restart case? 100 / 101* sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	82{ 83 struct sctp_init init; 84 struct mbuf op_err; 85 uint32_t init_limit; 86 87 SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_init: handling INIT tcb:%p\n", 88 stcb); 89 op_err = NULL; 90 init = &cp->init; 91 /* First are we accepting? / 92 if ((inp->sctp_socket->so_qlimit == 0) && (stcb == NULL)) { 93 SCTPDBG(SCTP_DEBUG_INPUT2, 94 "sctp_handle_init: Abort, so_qlimit:%d\n", 95 inp->sctp_socket->so_qlimit); 96 / 97 * FIX ME ?? What about TCP model and we have a 98 * match/restart case? 99 / 100* sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
102 vrf_id, table_id);	101 vrf_id);
103 if (stcb) 104 abort_no_unlock = 1; 105* return; 106 } 107 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_chunk)) { 108 /* Invalid length / 109* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 110 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	102 if (stcb) 103 abort_no_unlock = 1; 104* return; 105 } 106 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_chunk)) { 107 /* Invalid length / 108* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 109 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
111 vrf_id, table_id);	110 vrf_id);
112 if (stcb) 113 abort_no_unlock = 1; 114* return; 115 } 116 /* validate parameters / 117* if (init->initiate_tag == 0) { 118 /* protocol error... send abort / 119* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 120 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	111 if (stcb) 112 abort_no_unlock = 1; 113* return; 114 } 115 /* validate parameters / 116* if (init->initiate_tag == 0) { 117 /* protocol error... send abort / 118* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 119 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
121 vrf_id, table_id);	120 vrf_id);
122 if (stcb) 123 abort_no_unlock = 1; 124* return; 125 } 126 if (ntohl(init->a_rwnd) < SCTP_MIN_RWND) { 127 /* invalid parameter... send abort / 128* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 129 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	121 if (stcb) 122 abort_no_unlock = 1; 123* return; 124 } 125 if (ntohl(init->a_rwnd) < SCTP_MIN_RWND) { 126 /* invalid parameter... send abort / 127* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 128 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
130 vrf_id, table_id);	129 vrf_id);
131 return; 132 } 133 if (init->num_inbound_streams == 0) { 134 /* protocol error... send abort / 135* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 136 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	130 return; 131 } 132 if (init->num_inbound_streams == 0) { 133 /* protocol error... send abort / 134* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 135 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
137 vrf_id, table_id);	136 vrf_id);
138 if (stcb) 139 abort_no_unlock = 1; 140* return; 141 } 142 if (init->num_outbound_streams == 0) { 143 /* protocol error... send abort / 144* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 145 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	137 if (stcb) 138 abort_no_unlock = 1; 139* return; 140 } 141 if (init->num_outbound_streams == 0) { 142 /* protocol error... send abort / 143* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 144 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
146 vrf_id, table_id);	145 vrf_id);
147 if (stcb) 148 abort_no_unlock = 1; 149* return; 150 } 151 init_limit = offset + ntohs(cp->ch.chunk_length); 152 if (sctp_validate_init_auth_params(m, offset + sizeof(cp), 153* init_limit)) { 154 /* auth parameter(s) error... send abort */	146 if (stcb) 147 abort_no_unlock = 1; 148* return; 149 } 150 init_limit = offset + ntohs(cp->ch.chunk_length); 151 if (sctp_validate_init_auth_params(m, offset + sizeof(cp), 152* init_limit)) { 153 /* auth parameter(s) error... send abort */
155 sctp_abort_association(inp, stcb, m, iphlen, sh, NULL, vrf_id, 156 table_id);	154 sctp_abort_association(inp, stcb, m, iphlen, sh, NULL, vrf_id);
157 if (stcb) 158 abort_no_unlock = 1; 159* return; 160 } 161 /* send an INIT-ACK w/cookie / 162* SCTPDBG(SCTP_DEBUG_INPUT3, "sctp_handle_init: sending INIT-ACK\n");	155 if (stcb) 156 abort_no_unlock = 1; 157* return; 158 } 159 /* send an INIT-ACK w/cookie / 160* SCTPDBG(SCTP_DEBUG_INPUT3, "sctp_handle_init: sending INIT-ACK\n");
163 sctp_send_initiate_ack(inp, stcb, m, iphlen, offset, sh, cp, vrf_id, 164 table_id);	161 sctp_send_initiate_ack(inp, stcb, m, iphlen, offset, sh, cp, vrf_id);
165} 166 167/* 168 * process peer "INIT/INIT-ACK" chunk returns value < 0 on error 169 / 170static int 171sctp_process_init(struct sctp_init_chunk cp, struct sctp_tcb stcb, 172* struct sctp_nets net) --- 128 unchanged lines hidden* (view full) --- 301} 302 303/* 304 * INIT-ACK message processing/consumption returns value < 0 on error 305 / 306static int 307sctp_process_init_ack(struct mbuf m, int iphlen, int offset, 308 struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,	162} 163 164/* 165 * process peer "INIT/INIT-ACK" chunk returns value < 0 on error 166 / 167static int 168sctp_process_init(struct sctp_init_chunk cp, struct sctp_tcb stcb, 169* struct sctp_nets net) --- 128 unchanged lines hidden* (view full) --- 298} 299 300/* 301 * INIT-ACK message processing/consumption returns value < 0 on error 302 / 303static int 304sctp_process_init_ack(struct mbuf m, int iphlen, int offset, 305 struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,
309 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id, 310 uint32_t table_id)	306 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id)
311{ 312 struct sctp_association asoc; 313* struct mbuf op_err; 314* int retval, abort_flag; 315 uint32_t initack_limit; 316 317 /* First verify that we have no illegal param's / 318* abort_flag = 0; --- 19 unchanged lines hidden (view full) --- 338 if ((retval = sctp_load_addresses_from_init(stcb, m, iphlen, 339 (offset + sizeof(struct sctp_init_chunk)), initack_limit, sh, 340 NULL))) { 341 /* Huh, we should abort / 342* SCTPDBG(SCTP_DEBUG_INPUT1, 343 "Load addresses from INIT causes an abort %d\n", 344 retval); 345 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	307{ 308 struct sctp_association asoc; 309* struct mbuf op_err; 310* int retval, abort_flag; 311 uint32_t initack_limit; 312 313 /* First verify that we have no illegal param's / 314* abort_flag = 0; --- 19 unchanged lines hidden (view full) --- 334 if ((retval = sctp_load_addresses_from_init(stcb, m, iphlen, 335 (offset + sizeof(struct sctp_init_chunk)), initack_limit, sh, 336 NULL))) { 337 /* Huh, we should abort / 338* SCTPDBG(SCTP_DEBUG_INPUT1, 339 "Load addresses from INIT causes an abort %d\n", 340 retval); 341 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
346 NULL, 0, 0);	342 NULL, 0);
347 abort_no_unlock = 1; 348* return (-1); 349 } 350 stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs, 351 stcb->asoc.local_hmacs); 352 if (op_err) { 353 sctp_queue_op_err(stcb, op_err); 354 /* queuing will steal away the mbuf chain to the out queue / --- 40 unchanged lines hidden* (view full) --- 395 /* Subtract the reserved param / 396* mp->length = 397 htons(sizeof(struct sctp_inv_mandatory_param) - 2); 398 mp->num_param = htonl(1); 399 mp->param = htons(SCTP_STATE_COOKIE); 400 mp->resv = 0; 401 } 402 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen,	343 abort_no_unlock = 1; 344* return (-1); 345 } 346 stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs, 347 stcb->asoc.local_hmacs); 348 if (op_err) { 349 sctp_queue_op_err(stcb, op_err); 350 /* queuing will steal away the mbuf chain to the out queue / --- 40 unchanged lines hidden* (view full) --- 391 /* Subtract the reserved param / 392* mp->length = 393 htons(sizeof(struct sctp_inv_mandatory_param) - 2); 394 mp->num_param = htonl(1); 395 mp->param = htons(SCTP_STATE_COOKIE); 396 mp->resv = 0; 397 } 398 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen,
403 sh, op_err, 0, 0);	399 sh, op_err, 0);
404 abort_no_unlock = 1; 405* } 406 return (retval); 407 } 408 return (0); 409} 410 411static void --- 442 unchanged lines hidden (view full) --- 854 phdr = (struct sctp_paramhdr )((caddr_t)phdr + adjust); 855* } 856 return (0); 857} 858 859static int 860sctp_handle_init_ack(struct mbuf m, int iphlen, int offset, 861* struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,	400 abort_no_unlock = 1; 401* } 402 return (retval); 403 } 404 return (0); 405} 406 407static void --- 442 unchanged lines hidden (view full) --- 850 phdr = (struct sctp_paramhdr )((caddr_t)phdr + adjust); 851* } 852 return (0); 853} 854 855static int 856sctp_handle_init_ack(struct mbuf m, int iphlen, int offset, 857* struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,
862 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id, 863 uint32_t table_id)	858 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id)
864{ 865 struct sctp_init_ack init_ack; 866* int state; 867* struct mbuf op_err; 868* 869 SCTPDBG(SCTP_DEBUG_INPUT2, 870 "sctp_handle_init_ack: handling INIT-ACK\n"); 871 872 if (stcb == NULL) { 873 SCTPDBG(SCTP_DEBUG_INPUT2, 874 "sctp_handle_init_ack: TCB is null\n"); 875 return (-1); 876 } 877 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_ack_chunk)) { 878 /* Invalid length / 879* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 880 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	859{ 860 struct sctp_init_ack init_ack; 861* int state; 862* struct mbuf op_err; 863* 864 SCTPDBG(SCTP_DEBUG_INPUT2, 865 "sctp_handle_init_ack: handling INIT-ACK\n"); 866 867 if (stcb == NULL) { 868 SCTPDBG(SCTP_DEBUG_INPUT2, 869 "sctp_handle_init_ack: TCB is null\n"); 870 return (-1); 871 } 872 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_ack_chunk)) { 873 /* Invalid length / 874* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 875 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
881 op_err, 0, 0);	876 op_err, 0);
882 abort_no_unlock = 1; 883* return (-1); 884 } 885 init_ack = &cp->init; 886 /* validate parameters / 887* if (init_ack->initiate_tag == 0) { 888 /* protocol error... send an abort / 889* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 890 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	877 abort_no_unlock = 1; 878* return (-1); 879 } 880 init_ack = &cp->init; 881 /* validate parameters / 882* if (init_ack->initiate_tag == 0) { 883 /* protocol error... send an abort / 884* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 885 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
891 op_err, 0, 0);	886 op_err, 0);
892 abort_no_unlock = 1; 893* return (-1); 894 } 895 if (ntohl(init_ack->a_rwnd) < SCTP_MIN_RWND) { 896 /* protocol error... send an abort / 897* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 898 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	887 abort_no_unlock = 1; 888* return (-1); 889 } 890 if (ntohl(init_ack->a_rwnd) < SCTP_MIN_RWND) { 891 /* protocol error... send an abort / 892* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 893 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
899 op_err, 0, 0);	894 op_err, 0);
900 abort_no_unlock = 1; 901* return (-1); 902 } 903 if (init_ack->num_inbound_streams == 0) { 904 /* protocol error... send an abort / 905* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 906 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	895 abort_no_unlock = 1; 896* return (-1); 897 } 898 if (init_ack->num_inbound_streams == 0) { 899 /* protocol error... send an abort / 900* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 901 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
907 op_err, 0, 0);	902 op_err, 0);
908 abort_no_unlock = 1; 909* return (-1); 910 } 911 if (init_ack->num_outbound_streams == 0) { 912 /* protocol error... send an abort / 913* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 914 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	903 abort_no_unlock = 1; 904* return (-1); 905 } 906 if (init_ack->num_outbound_streams == 0) { 907 /* protocol error... send an abort / 908* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 909 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
915 op_err, 0, 0);	910 op_err, 0);
916 abort_no_unlock = 1; 917* return (-1); 918 } 919 /* process according to association state... / 920* state = &stcb->asoc.state; 921 switch (state & SCTP_STATE_MASK) { 922* case SCTP_STATE_COOKIE_WAIT: 923 /* this is the expected state for this chunk / --- 7 unchanged lines hidden* (view full) --- 931 * though. 932 / 933* stcb->asoc.primary_destination->dest_state &= 934 ~SCTP_ADDR_UNCONFIRMED; 935 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_CONFIRMED, 936 stcb, 0, (void )stcb->asoc.primary_destination); 937* } 938 if (sctp_process_init_ack(m, iphlen, offset, sh, cp, stcb,	911 abort_no_unlock = 1; 912* return (-1); 913 } 914 /* process according to association state... / 915* state = &stcb->asoc.state; 916 switch (state & SCTP_STATE_MASK) { 917* case SCTP_STATE_COOKIE_WAIT: 918 /* this is the expected state for this chunk / --- 7 unchanged lines hidden* (view full) --- 926 * though. 927 / 928* stcb->asoc.primary_destination->dest_state &= 929 ~SCTP_ADDR_UNCONFIRMED; 930 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_CONFIRMED, 931 stcb, 0, (void )stcb->asoc.primary_destination); 932* } 933 if (sctp_process_init_ack(m, iphlen, offset, sh, cp, stcb,
939 net, abort_no_unlock, vrf_id, 940 table_id) < 0) {	934 net, abort_no_unlock, vrf_id) < 0) {
941 /* error in parsing parameters / 942* return (-1); 943 } 944 /* update our state / 945* SCTPDBG(SCTP_DEBUG_INPUT2, "moving to COOKIE-ECHOED state\n"); 946 if (state & SCTP_STATE_SHUTDOWN_PENDING) { 947* state = SCTP_STATE_COOKIE_ECHOED \| 948* SCTP_STATE_SHUTDOWN_PENDING; --- 42 unchanged lines hidden (view full) --- 991 * "split" mbuf and the cookie signature does not exist offset: offset into 992 * mbuf to the cookie-echo chunk 993 / 994static struct sctp_tcb 995sctp_process_cookie_existing(struct mbuf m, int iphlen, int offset, 996* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 997 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets net, 998* struct sockaddr init_src, int notification, sctp_assoc_t * sac_assoc_id,	935 /* error in parsing parameters / 936* return (-1); 937 } 938 /* update our state / 939* SCTPDBG(SCTP_DEBUG_INPUT2, "moving to COOKIE-ECHOED state\n"); 940 if (state & SCTP_STATE_SHUTDOWN_PENDING) { 941* state = SCTP_STATE_COOKIE_ECHOED \| 942* SCTP_STATE_SHUTDOWN_PENDING; --- 42 unchanged lines hidden (view full) --- 985 * "split" mbuf and the cookie signature does not exist offset: offset into 986 * mbuf to the cookie-echo chunk 987 / 988static struct sctp_tcb 989sctp_process_cookie_existing(struct mbuf m, int iphlen, int offset, 990* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 991 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets net, 992* struct sockaddr init_src, int notification, sctp_assoc_t * sac_assoc_id,
999 uint32_t vrf_id, uint32_t table_id)	993 uint32_t vrf_id)
1000{ 1001 struct sctp_association asoc; 1002* struct sctp_init_chunk init_cp, init_buf; 1003* struct sctp_init_ack_chunk initack_cp, initack_buf; 1004* int chk_length; 1005 int init_offset, initack_offset, i; 1006 int retval; 1007 int spec_flag = 0; --- 25 unchanged lines hidden (view full) --- 1033 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctphdr)); 1034 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctp_chunkhdr)); 1035 /* Set the len / 1036* SCTP_BUF_LEN(op_err) = sizeof(struct sctp_paramhdr); 1037 ph = mtod(op_err, struct sctp_paramhdr ); 1038* ph->param_type = htons(SCTP_CAUSE_COOKIE_IN_SHUTDOWN); 1039 ph->param_length = htons(sizeof(struct sctp_paramhdr)); 1040 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,	994{ 995 struct sctp_association asoc; 996* struct sctp_init_chunk init_cp, init_buf; 997* struct sctp_init_ack_chunk initack_cp, initack_buf; 998* int chk_length; 999 int init_offset, initack_offset, i; 1000 int retval; 1001 int spec_flag = 0; --- 25 unchanged lines hidden (view full) --- 1027 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctphdr)); 1028 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctp_chunkhdr)); 1029 /* Set the len / 1030* SCTP_BUF_LEN(op_err) = sizeof(struct sctp_paramhdr); 1031 ph = mtod(op_err, struct sctp_paramhdr ); 1032* ph->param_type = htons(SCTP_CAUSE_COOKIE_IN_SHUTDOWN); 1033 ph->param_length = htons(sizeof(struct sctp_paramhdr)); 1034 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,
1041 vrf_id, table_id);	1035 vrf_id);
1042 if (how_indx < sizeof(asoc->cookie_how)) 1043 asoc->cookie_how[how_indx] = 2; 1044 return (NULL); 1045 } 1046 /* 1047 * find and validate the INIT chunk in the cookie (peer's info) the 1048 * INIT should start after the cookie-echo header struct (chunk 1049 * header, state cookie header struct) --- 418 unchanged lines hidden (view full) --- 1468 * was from returns a new TCB 1469 / 1470static struct sctp_tcb 1471sctp_process_cookie_new(struct mbuf m, int iphlen, int offset, 1472* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 1473 struct sctp_inpcb inp, struct sctp_nets netp, 1474* struct sockaddr init_src, int notification, 1475 int auth_skipped, uint32_t auth_offset, uint32_t auth_len,	1036 if (how_indx < sizeof(asoc->cookie_how)) 1037 asoc->cookie_how[how_indx] = 2; 1038 return (NULL); 1039 } 1040 /* 1041 * find and validate the INIT chunk in the cookie (peer's info) the 1042 * INIT should start after the cookie-echo header struct (chunk 1043 * header, state cookie header struct) --- 418 unchanged lines hidden (view full) --- 1462 * was from returns a new TCB 1463 / 1464static struct sctp_tcb 1465sctp_process_cookie_new(struct mbuf m, int iphlen, int offset, 1466* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 1467 struct sctp_inpcb inp, struct sctp_nets netp, 1468* struct sockaddr init_src, int notification, 1469 int auth_skipped, uint32_t auth_offset, uint32_t auth_len,
1476 uint32_t vrf_id, uint32_t table_id)	1470 uint32_t vrf_id)
1477{ 1478 struct sctp_tcb stcb; 1479* struct sctp_init_chunk init_cp, init_buf; 1480* struct sctp_init_ack_chunk initack_cp, initack_buf; 1481* struct sockaddr_storage sa_store; 1482 struct sockaddr initack_src = (struct sockaddr )&sa_store; 1483 struct sockaddr_in sin; 1484* struct sockaddr_in6 sin6; --- 60 unchanged lines hidden* (view full) --- 1545 struct mbuf op_err; 1546* 1547 /* memory problem? / 1548* SCTPDBG(SCTP_DEBUG_INPUT1, 1549 "process_cookie_new: no room for another TCB!\n"); 1550 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1551 1552 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,	1471{ 1472 struct sctp_tcb stcb; 1473* struct sctp_init_chunk init_cp, init_buf; 1474* struct sctp_init_ack_chunk initack_cp, initack_buf; 1475* struct sockaddr_storage sa_store; 1476 struct sockaddr initack_src = (struct sockaddr )&sa_store; 1477 struct sockaddr_in sin; 1478* struct sockaddr_in6 sin6; --- 60 unchanged lines hidden* (view full) --- 1539 struct mbuf op_err; 1540* 1541 /* memory problem? / 1542* SCTPDBG(SCTP_DEBUG_INPUT1, 1543 "process_cookie_new: no room for another TCB!\n"); 1544 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1545 1546 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,
1553 sh, op_err, vrf_id, table_id);	1547 sh, op_err, vrf_id);
1554 return (NULL); 1555 } 1556 /* get the correct sctp_nets / 1557* if (netp) 1558 netp = sctp_findnet(stcb, init_src); 1559* 1560 asoc = &stcb->asoc;	1548 return (NULL); 1549 } 1550 /* get the correct sctp_nets / 1551* if (netp) 1552 netp = sctp_findnet(stcb, init_src); 1553* 1554 asoc = &stcb->asoc;
1561 /* save the table id (vrf_id is done in aloc_assoc) / 1562* asoc->table_id = table_id;
1563 /* get scope variables out of cookie / 1564* asoc->ipv4_local_scope = cookie->ipv4_scope; 1565 asoc->site_scope = cookie->site_scope; 1566 asoc->local_scope = cookie->local_scope; 1567 asoc->loopback_scope = cookie->loopback_scope; 1568 1569 if ((asoc->ipv4_addr_legal != cookie->ipv4_addr_legal) \|\| 1570 (asoc->ipv6_addr_legal != cookie->ipv6_addr_legal)) { 1571 struct mbuf op_err; 1572* 1573 /* 1574 * Houston we have a problem. The EP changed while the 1575 * cookie was in flight. Only recourse is to abort the 1576 * association. 1577 / 1578* atomic_add_int(&stcb->asoc.refcnt, 1); 1579 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1580 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,	1555 /* get scope variables out of cookie / 1556* asoc->ipv4_local_scope = cookie->ipv4_scope; 1557 asoc->site_scope = cookie->site_scope; 1558 asoc->local_scope = cookie->local_scope; 1559 asoc->loopback_scope = cookie->loopback_scope; 1560 1561 if ((asoc->ipv4_addr_legal != cookie->ipv4_addr_legal) \|\| 1562 (asoc->ipv6_addr_legal != cookie->ipv6_addr_legal)) { 1563 struct mbuf op_err; 1564* 1565 /* 1566 * Houston we have a problem. The EP changed while the 1567 * cookie was in flight. Only recourse is to abort the 1568 * association. 1569 / 1570* atomic_add_int(&stcb->asoc.refcnt, 1); 1571 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1572 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,
1581 sh, op_err, vrf_id, table_id);	1573 sh, op_err, vrf_id);
1582 atomic_add_int(&stcb->asoc.refcnt, -1); 1583 return (NULL); 1584 } 1585 /* process the INIT-ACK info (my info) / 1586* old_tag = asoc->my_vtag; 1587 asoc->assoc_id = asoc->my_vtag = ntohl(initack_cp->init.initiate_tag); 1588 asoc->my_rwnd = ntohl(initack_cp->init.a_rwnd); 1589 asoc->pre_open_streams = ntohs(initack_cp->init.num_outbound_streams); --- 148 unchanged lines hidden (view full) --- 1738 * handles a COOKIE-ECHO message stcb: modified to either a new or left as 1739 * existing (non-NULL) TCB 1740 / 1741static struct mbuf 1742sctp_handle_cookie_echo(struct mbuf m, int iphlen, int offset, 1743* struct sctphdr sh, struct sctp_cookie_echo_chunk cp, 1744 struct sctp_inpcb inp_p, struct sctp_tcb stcb, struct sctp_nets *netp, 1745* int auth_skipped, uint32_t auth_offset, uint32_t auth_len,	1574 atomic_add_int(&stcb->asoc.refcnt, -1); 1575 return (NULL); 1576 } 1577 /* process the INIT-ACK info (my info) / 1578* old_tag = asoc->my_vtag; 1579 asoc->assoc_id = asoc->my_vtag = ntohl(initack_cp->init.initiate_tag); 1580 asoc->my_rwnd = ntohl(initack_cp->init.a_rwnd); 1581 asoc->pre_open_streams = ntohs(initack_cp->init.num_outbound_streams); --- 148 unchanged lines hidden (view full) --- 1730 * handles a COOKIE-ECHO message stcb: modified to either a new or left as 1731 * existing (non-NULL) TCB 1732 / 1733static struct mbuf 1734sctp_handle_cookie_echo(struct mbuf m, int iphlen, int offset, 1735* struct sctphdr sh, struct sctp_cookie_echo_chunk cp, 1736 struct sctp_inpcb inp_p, struct sctp_tcb stcb, struct sctp_nets *netp, 1737* int auth_skipped, uint32_t auth_offset, uint32_t auth_len,
1746 struct sctp_tcb **locked_tcb, uint32_t vrf_id, uint32_t table_id)	1738 struct sctp_tcb **locked_tcb, uint32_t vrf_id)
1747{ 1748 struct sctp_state_cookie cookie; 1749* struct sockaddr_in6 sin6; 1750 struct sockaddr_in sin; 1751 struct sctp_tcb l_stcb = stcb; 1752 struct sctp_inpcb l_inp; 1753* struct sockaddr to; 1754* sctp_assoc_t sac_restart_id; --- 190 unchanged lines hidden (view full) --- 1945 (sizeof(uint32_t)))); 1946 /* seconds to usec / 1947* tim = (now.tv_sec - time_expires.tv_sec) * 1000000; 1948 /* add in usec / 1949* if (tim == 0) 1950 tim = now.tv_usec - cookie->time_entered.tv_usec; 1951 scm->time_usec = htonl(tim); 1952 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,	1739{ 1740 struct sctp_state_cookie cookie; 1741* struct sockaddr_in6 sin6; 1742 struct sockaddr_in sin; 1743 struct sctp_tcb l_stcb = stcb; 1744 struct sctp_inpcb l_inp; 1745* struct sockaddr to; 1746* sctp_assoc_t sac_restart_id; --- 190 unchanged lines hidden (view full) --- 1937 (sizeof(uint32_t)))); 1938 /* seconds to usec / 1939* tim = (now.tv_sec - time_expires.tv_sec) * 1000000; 1940 /* add in usec / 1941* if (tim == 0) 1942 tim = now.tv_usec - cookie->time_entered.tv_usec; 1943 scm->time_usec = htonl(tim); 1944 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,
1953 vrf_id, table_id);	1945 vrf_id);
1954 return (NULL); 1955 } 1956 /* 1957 * Now we must see with the lookup address if we have an existing 1958 * asoc. This will only happen if we were in the COOKIE-WAIT state 1959 * and a INIT collided with us and somewhere the peer sent the 1960 * cookie on another address besides the single address our assoc 1961 * had for him. In this case we will have one of the tie-tags set at --- 63 unchanged lines hidden (view full) --- 2025 if (to == NULL) 2026 return (NULL); 2027 2028 cookie_len -= SCTP_SIGNATURE_SIZE; 2029 if (stcb == NULL) { 2030* /* this is the "normal" case... get a new TCB / 2031* stcb = sctp_process_cookie_new(m, iphlen, offset, sh, cookie, 2032* cookie_len, *inp_p, netp, to, &notification,	1946 return (NULL); 1947 } 1948 /* 1949 * Now we must see with the lookup address if we have an existing 1950 * asoc. This will only happen if we were in the COOKIE-WAIT state 1951 * and a INIT collided with us and somewhere the peer sent the 1952 * cookie on another address besides the single address our assoc 1953 * had for him. In this case we will have one of the tie-tags set at --- 63 unchanged lines hidden (view full) --- 2017 if (to == NULL) 2018 return (NULL); 2019 2020 cookie_len -= SCTP_SIGNATURE_SIZE; 2021 if (stcb == NULL) { 2022* /* this is the "normal" case... get a new TCB / 2023* stcb = sctp_process_cookie_new(m, iphlen, offset, sh, cookie, 2024* cookie_len, *inp_p, netp, to, &notification,
2033 auth_skipped, auth_offset, auth_len, vrf_id, table_id);	2025 auth_skipped, auth_offset, auth_len, vrf_id);
2034 } else { 2035 /* this is abnormal... cookie-echo on existing TCB / 2036* had_a_existing_tcb = 1; 2037 *stcb = sctp_process_cookie_existing(m, iphlen, offset, sh,	2026 } else { 2027 /* this is abnormal... cookie-echo on existing TCB / 2028* had_a_existing_tcb = 1; 2029 *stcb = sctp_process_cookie_existing(m, iphlen, offset, sh,
2038 cookie, cookie_len, inp_p, stcb, netp, to, &notification, 2039* &sac_restart_id, vrf_id, table_id);	2030 cookie, cookie_len, inp_p, stcb, netp, to, 2031* &notification, &sac_restart_id, vrf_id);
2040 } 2041 2042 if (stcb == NULL) { 2043* /* still no TCB... must be bad cookie-echo / 2044* return (NULL); 2045 } 2046 /* 2047 * Ok, we built an association so confirm the address we sent the --- 58 unchanged lines hidden (view full) --- 2106 SCTP_INP_WUNLOCK((stcb)->sctp_ep); 2107* if (so == NULL) { 2108 struct mbuf op_err; 2109* 2110 /* Too many sockets / 2111* SCTPDBG(SCTP_DEBUG_INPUT1, "process_cookie_new: no room for another socket!\n"); 2112 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 2113 sctp_abort_association(*inp_p, NULL, m, iphlen,	2032 } 2033 2034 if (stcb == NULL) { 2035* /* still no TCB... must be bad cookie-echo / 2036* return (NULL); 2037 } 2038 /* 2039 * Ok, we built an association so confirm the address we sent the --- 58 unchanged lines hidden (view full) --- 2098 SCTP_INP_WUNLOCK((stcb)->sctp_ep); 2099* if (so == NULL) { 2100 struct mbuf op_err; 2101* 2102 /* Too many sockets / 2103* SCTPDBG(SCTP_DEBUG_INPUT1, "process_cookie_new: no room for another socket!\n"); 2104 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 2105 sctp_abort_association(*inp_p, NULL, m, iphlen,
2114 sh, op_err, vrf_id, 2115 table_id);	2106 sh, op_err, vrf_id);
2116 sctp_free_assoc(inp_p, stcb, SCTP_NORMAL_PROC, SCTP_FROM_SCTP_INPUT + SCTP_LOC_20); 2117 return (NULL); 2118 } 2119 inp = (struct sctp_inpcb )so->so_pcb; 2120* SCTP_INP_INCR_REF(inp); 2121 /* 2122 * We add the unbound flag here so that if we get an 2123 * soabort() before we get the move_pcb done, we --- 1323 unchanged lines hidden (view full) --- 3447 / 3448#ifdef __GNUC__ 3449__attribute__((noinline)) 3450#endif 3451* static struct sctp_tcb * 3452 sctp_process_control(struct mbuf m, int iphlen, int offset, int length, 3453 struct sctphdr sh, struct sctp_chunkhdr ch, struct sctp_inpcb inp, 3454* struct sctp_tcb stcb, struct sctp_nets netp, int fwd_tsn_seen,	2107 sctp_free_assoc(inp_p, stcb, SCTP_NORMAL_PROC, SCTP_FROM_SCTP_INPUT + SCTP_LOC_20); 2108 return (NULL); 2109 } 2110 inp = (struct sctp_inpcb )so->so_pcb; 2111* SCTP_INP_INCR_REF(inp); 2112 /* 2113 * We add the unbound flag here so that if we get an 2114 * soabort() before we get the move_pcb done, we --- 1323 unchanged lines hidden (view full) --- 3438 / 3439#ifdef __GNUC__ 3440__attribute__((noinline)) 3441#endif 3442* static struct sctp_tcb * 3443 sctp_process_control(struct mbuf m, int iphlen, int offset, int length, 3444 struct sctphdr sh, struct sctp_chunkhdr ch, struct sctp_inpcb inp, 3445* struct sctp_tcb stcb, struct sctp_nets netp, int fwd_tsn_seen,
3455 uint32_t vrf_id, uint32_t table_id)	3446 uint32_t vrf_id)
3456{ 3457 struct sctp_association asoc; 3458* uint32_t vtag_in; 3459 int num_chunks = 0; /* number of control chunks processed / 3460* uint32_t chk_length; 3461 int ret; 3462 int abort_no_unlock = 0; 3463 --- 114 unchanged lines hidden (view full) --- 3578 /* remaining chunks are HMAC checked / 3579* stcb->asoc.authenticated = 1; 3580 } 3581 } 3582 } 3583 if (stcb == NULL) { 3584 /* no association, so it's out of the blue... / 3585* sctp_handle_ootb(m, iphlen, *offset, sh, inp, NULL,	3447{ 3448 struct sctp_association asoc; 3449* uint32_t vtag_in; 3450 int num_chunks = 0; /* number of control chunks processed / 3451* uint32_t chk_length; 3452 int ret; 3453 int abort_no_unlock = 0; 3454 --- 114 unchanged lines hidden (view full) --- 3569 /* remaining chunks are HMAC checked / 3570* stcb->asoc.authenticated = 1; 3571 } 3572 } 3573 } 3574 if (stcb == NULL) { 3575 /* no association, so it's out of the blue... / 3576* sctp_handle_ootb(m, iphlen, *offset, sh, inp, NULL,
3586 vrf_id, table_id);	3577 vrf_id);
3587 offset = length; 3588* if (locked_tcb) { 3589 SCTP_TCB_UNLOCK(locked_tcb); 3590 } 3591 return (NULL); 3592 } 3593 asoc = &stcb->asoc; 3594 /* ABORT and SHUTDOWN can use either v_tag... / --- 20 unchanged lines hidden* (view full) --- 3615 * is still hung; we have started a new asoc 3616 * but it won't complete until the shutdown 3617 * is completed 3618 / 3619* if (locked_tcb) { 3620 SCTP_TCB_UNLOCK(locked_tcb); 3621 } 3622 sctp_handle_ootb(m, iphlen, *offset, sh, inp,	3578 offset = length; 3579* if (locked_tcb) { 3580 SCTP_TCB_UNLOCK(locked_tcb); 3581 } 3582 return (NULL); 3583 } 3584 asoc = &stcb->asoc; 3585 /* ABORT and SHUTDOWN can use either v_tag... / --- 20 unchanged lines hidden* (view full) --- 3606 * is still hung; we have started a new asoc 3607 * but it won't complete until the shutdown 3608 * is completed 3609 / 3610* if (locked_tcb) { 3611 SCTP_TCB_UNLOCK(locked_tcb); 3612 } 3613 sctp_handle_ootb(m, iphlen, *offset, sh, inp,
3623 NULL, vrf_id, table_id);	3614 NULL, vrf_id);
3624 return (NULL); 3625 } 3626 } else { 3627 /* for all other chunks, vtag must match / 3628* if (vtag_in != asoc->my_vtag) { 3629 /* invalid vtag... / 3630* SCTPDBG(SCTP_DEBUG_INPUT3, 3631 "invalid vtag: %xh, expect %xh\n", --- 175 unchanged lines hidden (view full) --- 3807 if (locked_tcb) { 3808 SCTP_TCB_UNLOCK(locked_tcb); 3809 } 3810 return (NULL); 3811 } 3812 if (netp) { 3813 sctp_handle_init(m, iphlen, offset, sh, 3814* (struct sctp_init_chunk *)ch, inp,	3615 return (NULL); 3616 } 3617 } else { 3618 /* for all other chunks, vtag must match / 3619* if (vtag_in != asoc->my_vtag) { 3620 /* invalid vtag... / 3621* SCTPDBG(SCTP_DEBUG_INPUT3, 3622 "invalid vtag: %xh, expect %xh\n", --- 175 unchanged lines hidden (view full) --- 3798 if (locked_tcb) { 3799 SCTP_TCB_UNLOCK(locked_tcb); 3800 } 3801 return (NULL); 3802 } 3803 if (netp) { 3804 sctp_handle_init(m, iphlen, offset, sh, 3805* (struct sctp_init_chunk *)ch, inp,
3815 stcb, *netp, &abort_no_unlock, vrf_id, table_id);	3806 stcb, *netp, &abort_no_unlock, vrf_id);
3816 } 3817 if (abort_no_unlock) 3818 return (NULL); 3819 3820 offset = length; 3821* if (locked_tcb) { 3822 SCTP_TCB_UNLOCK(locked_tcb); 3823 } --- 22 unchanged lines hidden (view full) --- 3846 offset = length; 3847* if (locked_tcb) { 3848 SCTP_TCB_UNLOCK(locked_tcb); 3849 } 3850 return (NULL); 3851 } 3852 if ((netp) && (netp)) { 3853* ret = sctp_handle_init_ack(m, iphlen, *offset, sh,	3807 } 3808 if (abort_no_unlock) 3809 return (NULL); 3810 3811 offset = length; 3812* if (locked_tcb) { 3813 SCTP_TCB_UNLOCK(locked_tcb); 3814 } --- 22 unchanged lines hidden (view full) --- 3837 offset = length; 3838* if (locked_tcb) { 3839 SCTP_TCB_UNLOCK(locked_tcb); 3840 } 3841 return (NULL); 3842 } 3843 if ((netp) && (netp)) { 3844* ret = sctp_handle_init_ack(m, iphlen, *offset, sh,
3854 (struct sctp_init_ack_chunk )ch, stcb, netp, &abort_no_unlock, vrf_id, table_id);	3845 (struct sctp_init_ack_chunk )ch, stcb, netp, &abort_no_unlock, vrf_id);
3855 } else { 3856 ret = -1; 3857 } 3858 /* 3859 * Special case, I must call the output routine to 3860 * get the cookie echoed 3861 / 3862* if (abort_no_unlock) --- 160 unchanged lines hidden (view full) --- 4023 * special case, is this a retran'd 4024 * COOKIE-ECHO or a restarting assoc 4025 * that is a peeled off or 4026 * one-to-one style socket. 4027 / 4028* goto process_cookie_anyway; 4029 } 4030 sctp_abort_association(inp, stcb, m, iphlen,	3846 } else { 3847 ret = -1; 3848 } 3849 /* 3850 * Special case, I must call the output routine to 3851 * get the cookie echoed 3852 / 3853* if (abort_no_unlock) --- 160 unchanged lines hidden (view full) --- 4014 * special case, is this a retran'd 4015 * COOKIE-ECHO or a restarting assoc 4016 * that is a peeled off or 4017 * one-to-one style socket. 4018 / 4019* goto process_cookie_anyway; 4020 } 4021 sctp_abort_association(inp, stcb, m, iphlen,
4031 sh, NULL, vrf_id, 4032 table_id);	4022 sh, NULL, vrf_id);
4033 offset = length; 4034* return (NULL); 4035 } else if (inp->sctp_socket->so_qlimit) { 4036 /* we are accepting so check limits like TCP / 4037* if (inp->sctp_socket->so_qlen > 4038 inp->sctp_socket->so_qlimit) { 4039 /* no space / 4040* struct mbuf oper; --- 9 unchanged lines hidden* (view full) --- 4050 phdr = mtod(oper, 4051 struct sctp_paramhdr ); 4052* phdr->param_type = 4053 htons(SCTP_CAUSE_OUT_OF_RESC); 4054 phdr->param_length = 4055 htons(sizeof(struct sctp_paramhdr)); 4056 } 4057 sctp_abort_association(inp, stcb, m,	4023 offset = length; 4024* return (NULL); 4025 } else if (inp->sctp_socket->so_qlimit) { 4026 /* we are accepting so check limits like TCP / 4027* if (inp->sctp_socket->so_qlen > 4028 inp->sctp_socket->so_qlimit) { 4029 /* no space / 4030* struct mbuf oper; --- 9 unchanged lines hidden* (view full) --- 4040 phdr = mtod(oper, 4041 struct sctp_paramhdr ); 4042* phdr->param_type = 4043 htons(SCTP_CAUSE_OUT_OF_RESC); 4044 phdr->param_length = 4045 htons(sizeof(struct sctp_paramhdr)); 4046 } 4047 sctp_abort_association(inp, stcb, m,
4058 iphlen, sh, oper, vrf_id, table_id);	4048 iphlen, sh, oper, vrf_id);
4059 } 4060 offset = length; 4061* return (NULL); 4062 } 4063 } 4064 process_cookie_anyway: 4065 { 4066 struct mbuf ret_buf; --- 13 unchanged lines hidden* (view full) --- 4080 sctp_handle_cookie_echo(m, iphlen, 4081 offset, sh, 4082* (struct sctp_cookie_echo_chunk )ch, 4083* &inp, &stcb, netp, 4084 auth_skipped, 4085 auth_offset, 4086 auth_len, 4087 &locked_tcb,	4049 } 4050 offset = length; 4051* return (NULL); 4052 } 4053 } 4054 process_cookie_anyway: 4055 { 4056 struct mbuf ret_buf; --- 13 unchanged lines hidden* (view full) --- 4070 sctp_handle_cookie_echo(m, iphlen, 4071 offset, sh, 4072* (struct sctp_cookie_echo_chunk )ch, 4073* &inp, &stcb, netp, 4074 auth_skipped, 4075 auth_offset, 4076 auth_len, 4077 &locked_tcb,
4088 vrf_id, 4089 table_id);	4078 vrf_id);
4090 } else { 4091 ret_buf = NULL; 4092 } 4093 if (linp) { 4094 SCTP_ASOC_CREATE_UNLOCK(linp); 4095 } 4096 if (ret_buf == NULL) { 4097 if (locked_tcb) { --- 380 unchanged lines hidden (view full) --- 4478 4479/* 4480 * common input chunk processing (v4 and v6) 4481 / 4482void 4483sctp_common_input_processing(struct mbuf mm, int iphlen, int offset, 4484* int length, struct sctphdr sh, struct sctp_chunkhdr ch, 4485 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets *net,	4079 } else { 4080 ret_buf = NULL; 4081 } 4082 if (linp) { 4083 SCTP_ASOC_CREATE_UNLOCK(linp); 4084 } 4085 if (ret_buf == NULL) { 4086 if (locked_tcb) { --- 380 unchanged lines hidden (view full) --- 4467 4468/* 4469 * common input chunk processing (v4 and v6) 4470 / 4471void 4472sctp_common_input_processing(struct mbuf mm, int iphlen, int offset, 4473* int length, struct sctphdr sh, struct sctp_chunkhdr ch, 4474 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets *net,
4486 uint8_t ecn_bits, uint32_t vrf_id, uint32_t table_id)	4475 uint8_t ecn_bits, uint32_t vrf_id)
4487{ 4488 /* 4489 * Control chunk processing 4490 / 4491* uint32_t high_tsn; 4492 int fwd_tsn_seen = 0, data_processed = 0; 4493 struct mbuf m = mm; 4494 int abort_flag = 0; --- 12 unchanged lines hidden (view full) --- 4507 /* always clear this before beginning a packet / 4508* stcb->asoc.authenticated = 0; 4509 stcb->asoc.seen_a_sack_this_pkt = 0; 4510 } 4511 if (IS_SCTP_CONTROL(ch)) { 4512 /* process the control portion of the SCTP packet / 4513* /* sa_ignore NO_NULL_CHK / 4514* stcb = sctp_process_control(m, iphlen, &offset, length, sh, ch,	4476{ 4477 /* 4478 * Control chunk processing 4479 / 4480* uint32_t high_tsn; 4481 int fwd_tsn_seen = 0, data_processed = 0; 4482 struct mbuf m = mm; 4483 int abort_flag = 0; --- 12 unchanged lines hidden (view full) --- 4496 /* always clear this before beginning a packet / 4497* stcb->asoc.authenticated = 0; 4498 stcb->asoc.seen_a_sack_this_pkt = 0; 4499 } 4500 if (IS_SCTP_CONTROL(ch)) { 4501 /* process the control portion of the SCTP packet / 4502* /* sa_ignore NO_NULL_CHK / 4503* stcb = sctp_process_control(m, iphlen, &offset, length, sh, ch,
4515 inp, stcb, &net, &fwd_tsn_seen, vrf_id, table_id);	4504 inp, stcb, &net, &fwd_tsn_seen, vrf_id);
4516 if (stcb) { 4517 /* 4518 * This covers us if the cookie-echo was there and 4519 * it changes our INP. 4520 / 4521* inp = stcb->sctp_ep; 4522 } 4523 } else { --- 13 unchanged lines hidden (view full) --- 4537 /* "silently" ignore / 4538* SCTP_STAT_INCR(sctps_recvauthmissing); 4539 SCTP_TCB_UNLOCK(stcb); 4540 return; 4541 } 4542 if (stcb == NULL) { 4543 /* out of the blue DATA chunk / 4544* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,	4505 if (stcb) { 4506 /* 4507 * This covers us if the cookie-echo was there and 4508 * it changes our INP. 4509 / 4510* inp = stcb->sctp_ep; 4511 } 4512 } else { --- 13 unchanged lines hidden (view full) --- 4526 /* "silently" ignore / 4527* SCTP_STAT_INCR(sctps_recvauthmissing); 4528 SCTP_TCB_UNLOCK(stcb); 4529 return; 4530 } 4531 if (stcb == NULL) { 4532 /* out of the blue DATA chunk / 4533* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,
4545 vrf_id, table_id);	4534 vrf_id);
4546 return; 4547 } 4548 if (stcb->asoc.my_vtag != ntohl(sh->v_tag)) { 4549 /* v_tag mismatch! / 4550* SCTP_STAT_INCR(sctps_badvtag); 4551 SCTP_TCB_UNLOCK(stcb); 4552 return; 4553 } --- 44 unchanged lines hidden (view full) --- 4598 stcb->asoc.overall_error_count = 0; 4599 sctp_handle_cookie_ack((struct sctp_cookie_ack_chunk )ch, stcb, net); 4600* break; 4601 case SCTP_STATE_COOKIE_WAIT: 4602 /* 4603 * We consider OOTB any data sent during asoc setup. 4604 / 4605* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,	4535 return; 4536 } 4537 if (stcb->asoc.my_vtag != ntohl(sh->v_tag)) { 4538 /* v_tag mismatch! / 4539* SCTP_STAT_INCR(sctps_badvtag); 4540 SCTP_TCB_UNLOCK(stcb); 4541 return; 4542 } --- 44 unchanged lines hidden (view full) --- 4587 stcb->asoc.overall_error_count = 0; 4588 sctp_handle_cookie_ack((struct sctp_cookie_ack_chunk )ch, stcb, net); 4589* break; 4590 case SCTP_STATE_COOKIE_WAIT: 4591 /* 4592 * We consider OOTB any data sent during asoc setup. 4593 / 4594* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,
4606 vrf_id, table_id);	4595 vrf_id);
4607 SCTP_TCB_UNLOCK(stcb); 4608 return; 4609 break; 4610 case SCTP_STATE_EMPTY: /* should not happen / 4611* case SCTP_STATE_INUSE: /* should not happen / 4612* case SCTP_STATE_SHUTDOWN_RECEIVED: /* This is a peer error / 4613* case SCTP_STATE_SHUTDOWN_ACK_SENT: 4614 default: --- 85 unchanged lines hidden (view full) --- 4700 4701{ 4702#ifdef SCTP_MBUF_LOGGING 4703 struct mbuf mat; 4704* 4705#endif 4706 struct mbuf m; 4707* int iphlen;	4596 SCTP_TCB_UNLOCK(stcb); 4597 return; 4598 break; 4599 case SCTP_STATE_EMPTY: /* should not happen / 4600* case SCTP_STATE_INUSE: /* should not happen / 4601* case SCTP_STATE_SHUTDOWN_RECEIVED: /* This is a peer error / 4602* case SCTP_STATE_SHUTDOWN_ACK_SENT: 4603 default: --- 85 unchanged lines hidden (view full) --- 4689 4690{ 4691#ifdef SCTP_MBUF_LOGGING 4692 struct mbuf mat; 4693* 4694#endif 4695 struct mbuf m; 4696* int iphlen;
4708 uint32_t vrf_id = 0, table_id = 0;	4697 uint32_t vrf_id = 0;
4709 uint8_t ecn_bits; 4710 struct ip ip; 4711* struct sctphdr sh; 4712* struct sctp_inpcb inp = NULL; 4713* 4714 uint32_t check, calc_check; 4715 struct sctp_nets net; 4716* struct sctp_tcb stcb = NULL; 4717* struct sctp_chunkhdr ch; 4718* int refcount_up = 0; 4719 int length, mlen, offset; 4720 4721 4722 if (SCTP_GET_PKT_VRFID(i_pak, vrf_id)) { 4723 SCTP_RELEASE_PKT(i_pak); 4724 return; 4725 }	4698 uint8_t ecn_bits; 4699 struct ip ip; 4700* struct sctphdr sh; 4701* struct sctp_inpcb inp = NULL; 4702* 4703 uint32_t check, calc_check; 4704 struct sctp_nets net; 4705* struct sctp_tcb stcb = NULL; 4706* struct sctp_chunkhdr ch; 4707* int refcount_up = 0; 4708 int length, mlen, offset; 4709 4710 4711 if (SCTP_GET_PKT_VRFID(i_pak, vrf_id)) { 4712 SCTP_RELEASE_PKT(i_pak); 4713 return; 4714 }
4726 if (SCTP_GET_PKT_TABLEID(i_pak, table_id)) { 4727 SCTP_RELEASE_PKT(i_pak); 4728 return; 4729 }
4730 mlen = SCTP_HEADER_LEN(i_pak); 4731 iphlen = off; 4732 m = SCTP_HEADER_TO_CHAIN(i_pak); 4733 4734 net = NULL; 4735 SCTP_STAT_INCR(sctps_recvpackets); 4736 SCTP_STAT_INCR_COUNTER64(sctps_inpackets); 4737 --- 122 unchanged lines hidden (view full) --- 4860 / 4861* init_chk = (struct sctp_init_chunk )sctp_m_getptr(m, 4862* iphlen + sizeof(sh), sizeof(init_chk), 4863 (uint8_t ) & chunk_buf); 4864* if (init_chk != NULL) 4865 sh->v_tag = init_chk->init.initiate_tag; 4866 } 4867 if (ch->chunk_type == SCTP_SHUTDOWN_ACK) {	4715 mlen = SCTP_HEADER_LEN(i_pak); 4716 iphlen = off; 4717 m = SCTP_HEADER_TO_CHAIN(i_pak); 4718 4719 net = NULL; 4720 SCTP_STAT_INCR(sctps_recvpackets); 4721 SCTP_STAT_INCR_COUNTER64(sctps_inpackets); 4722 --- 122 unchanged lines hidden (view full) --- 4845 / 4846* init_chk = (struct sctp_init_chunk )sctp_m_getptr(m, 4847* iphlen + sizeof(sh), sizeof(init_chk), 4848 (uint8_t ) & chunk_buf); 4849* if (init_chk != NULL) 4850 sh->v_tag = init_chk->init.initiate_tag; 4851 } 4852 if (ch->chunk_type == SCTP_SHUTDOWN_ACK) {
4868 sctp_send_shutdown_complete2(m, iphlen, sh, vrf_id, 4869 table_id);	4853 sctp_send_shutdown_complete2(m, iphlen, sh, vrf_id);
4870 goto bad; 4871 } 4872 if (ch->chunk_type == SCTP_SHUTDOWN_COMPLETE) { 4873 goto bad; 4874 } 4875 if (ch->chunk_type != SCTP_ABORT_ASSOCIATION)	4854 goto bad; 4855 } 4856 if (ch->chunk_type == SCTP_SHUTDOWN_COMPLETE) { 4857 goto bad; 4858 } 4859 if (ch->chunk_type != SCTP_ABORT_ASSOCIATION)
4876 sctp_send_abort(m, iphlen, sh, 0, NULL, vrf_id, 4877 table_id);	4860 sctp_send_abort(m, iphlen, sh, 0, NULL, vrf_id);
4878 goto bad; 4879 } else if (stcb == NULL) { 4880 refcount_up = 1; 4881 } 4882#ifdef IPSEC 4883 /* 4884 * I very much doubt any of the IPSEC stuff will work but I have no 4885 * idea, so I will leave it in place. --- 11 unchanged lines hidden (view full) --- 4897 / 4898* length = ip->ip_len + iphlen; 4899 offset -= sizeof(struct sctp_chunkhdr); 4900 4901 ecn_bits = ip->ip_tos; 4902 4903 /* sa_ignore NO_NULL_CHK / 4904* sctp_common_input_processing(&m, iphlen, offset, length, sh, ch,	4861 goto bad; 4862 } else if (stcb == NULL) { 4863 refcount_up = 1; 4864 } 4865#ifdef IPSEC 4866 /* 4867 * I very much doubt any of the IPSEC stuff will work but I have no 4868 * idea, so I will leave it in place. --- 11 unchanged lines hidden (view full) --- 4880 / 4881* length = ip->ip_len + iphlen; 4882 offset -= sizeof(struct sctp_chunkhdr); 4883 4884 ecn_bits = ip->ip_tos; 4885 4886 /* sa_ignore NO_NULL_CHK / 4887* sctp_common_input_processing(&m, iphlen, offset, length, sh, ch,
4905 inp, stcb, net, ecn_bits, vrf_id, 4906 table_id);	4888 inp, stcb, net, ecn_bits, vrf_id);
4907 /* inp's ref-count reduced && stcb unlocked / 4908* if (m) { 4909 sctp_m_freem(m); 4910 } 4911 if ((inp) && (refcount_up)) { 4912 /* reduce ref-count / 4913* SCTP_INP_WLOCK(inp); 4914 SCTP_INP_DECR_REF(inp); --- 18 unchanged lines hidden ---	4889 /* inp's ref-count reduced && stcb unlocked / 4890* if (m) { 4891 sctp_m_freem(m); 4892 } 4893 if ((inp) && (refcount_up)) { 4894 /* reduce ref-count / 4895* SCTP_INP_WLOCK(inp); 4896 SCTP_INP_DECR_REF(inp); --- 18 unchanged lines hidden ---

sctp_input.c (170140)	sctp_input.c (170181)
1/- 2 Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * a) Redistributions of source code must retain the above copyright notice, 8 * this list of conditions and the following disclaimer. --- 17 unchanged lines hidden (view full) --- 26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 28 * THE POSSIBILITY OF SUCH DAMAGE. 29 / 30 31/ $KAME: sctp_input.c,v 1.27 2005/03/06 16:04:17 itojun Exp $ */ 32 33#include <sys/cdefs.h>	1/- 2 Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * a) Redistributions of source code must retain the above copyright notice, 8 * this list of conditions and the following disclaimer. --- 17 unchanged lines hidden (view full) --- 26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 28 * THE POSSIBILITY OF SUCH DAMAGE. 29 / 30 31/ $KAME: sctp_input.c,v 1.27 2005/03/06 16:04:17 itojun Exp $ */ 32 33#include <sys/cdefs.h>
34__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 170140 2007-05-30 22:34:21Z rrs $");	34__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 170181 2007-06-01 11:19:54Z rrs $");
35 36#include <netinet/sctp_os.h> 37#include <netinet/sctp_var.h> 38#include <netinet/sctp_sysctl.h> 39#include <netinet/sctp_pcb.h> 40#include <netinet/sctp_header.h> 41#include <netinet/sctputil.h> 42#include <netinet/sctp_output.h> --- 30 unchanged lines hidden (view full) --- 73 } 74 } 75} 76 77/* INIT handler / 78static void 79sctp_handle_init(struct mbuf m, int iphlen, int offset, struct sctphdr sh, 80 struct sctp_init_chunk cp, struct sctp_inpcb inp, struct sctp_tcb stcb,	35 36#include <netinet/sctp_os.h> 37#include <netinet/sctp_var.h> 38#include <netinet/sctp_sysctl.h> 39#include <netinet/sctp_pcb.h> 40#include <netinet/sctp_header.h> 41#include <netinet/sctputil.h> 42#include <netinet/sctp_output.h> --- 30 unchanged lines hidden (view full) --- 73 } 74 } 75} 76 77/* INIT handler / 78static void 79sctp_handle_init(struct mbuf m, int iphlen, int offset, struct sctphdr sh, 80 struct sctp_init_chunk cp, struct sctp_inpcb inp, struct sctp_tcb stcb,
81 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id, 82 uint32_t table_id)	81 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id)
83{ 84 struct sctp_init init; 85 struct mbuf op_err; 86 uint32_t init_limit; 87 88 SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_init: handling INIT tcb:%p\n", 89 stcb); 90 op_err = NULL; 91 init = &cp->init; 92 /* First are we accepting? / 93 if ((inp->sctp_socket->so_qlimit == 0) && (stcb == NULL)) { 94 SCTPDBG(SCTP_DEBUG_INPUT2, 95 "sctp_handle_init: Abort, so_qlimit:%d\n", 96 inp->sctp_socket->so_qlimit); 97 / 98 * FIX ME ?? What about TCP model and we have a 99 * match/restart case? 100 / 101* sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	82{ 83 struct sctp_init init; 84 struct mbuf op_err; 85 uint32_t init_limit; 86 87 SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_init: handling INIT tcb:%p\n", 88 stcb); 89 op_err = NULL; 90 init = &cp->init; 91 /* First are we accepting? / 92 if ((inp->sctp_socket->so_qlimit == 0) && (stcb == NULL)) { 93 SCTPDBG(SCTP_DEBUG_INPUT2, 94 "sctp_handle_init: Abort, so_qlimit:%d\n", 95 inp->sctp_socket->so_qlimit); 96 / 97 * FIX ME ?? What about TCP model and we have a 98 * match/restart case? 99 / 100* sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
102 vrf_id, table_id);	101 vrf_id);
103 if (stcb) 104 abort_no_unlock = 1; 105* return; 106 } 107 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_chunk)) { 108 /* Invalid length / 109* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 110 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	102 if (stcb) 103 abort_no_unlock = 1; 104* return; 105 } 106 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_chunk)) { 107 /* Invalid length / 108* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 109 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
111 vrf_id, table_id);	110 vrf_id);
112 if (stcb) 113 abort_no_unlock = 1; 114* return; 115 } 116 /* validate parameters / 117* if (init->initiate_tag == 0) { 118 /* protocol error... send abort / 119* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 120 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	111 if (stcb) 112 abort_no_unlock = 1; 113* return; 114 } 115 /* validate parameters / 116* if (init->initiate_tag == 0) { 117 /* protocol error... send abort / 118* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 119 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
121 vrf_id, table_id);	120 vrf_id);
122 if (stcb) 123 abort_no_unlock = 1; 124* return; 125 } 126 if (ntohl(init->a_rwnd) < SCTP_MIN_RWND) { 127 /* invalid parameter... send abort / 128* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 129 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	121 if (stcb) 122 abort_no_unlock = 1; 123* return; 124 } 125 if (ntohl(init->a_rwnd) < SCTP_MIN_RWND) { 126 /* invalid parameter... send abort / 127* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 128 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
130 vrf_id, table_id);	129 vrf_id);
131 return; 132 } 133 if (init->num_inbound_streams == 0) { 134 /* protocol error... send abort / 135* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 136 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	130 return; 131 } 132 if (init->num_inbound_streams == 0) { 133 /* protocol error... send abort / 134* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 135 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
137 vrf_id, table_id);	136 vrf_id);
138 if (stcb) 139 abort_no_unlock = 1; 140* return; 141 } 142 if (init->num_outbound_streams == 0) { 143 /* protocol error... send abort / 144* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 145 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,	137 if (stcb) 138 abort_no_unlock = 1; 139* return; 140 } 141 if (init->num_outbound_streams == 0) { 142 /* protocol error... send abort / 143* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 144 sctp_abort_association(inp, stcb, m, iphlen, sh, op_err,
146 vrf_id, table_id);	145 vrf_id);
147 if (stcb) 148 abort_no_unlock = 1; 149* return; 150 } 151 init_limit = offset + ntohs(cp->ch.chunk_length); 152 if (sctp_validate_init_auth_params(m, offset + sizeof(cp), 153* init_limit)) { 154 /* auth parameter(s) error... send abort */	146 if (stcb) 147 abort_no_unlock = 1; 148* return; 149 } 150 init_limit = offset + ntohs(cp->ch.chunk_length); 151 if (sctp_validate_init_auth_params(m, offset + sizeof(cp), 152* init_limit)) { 153 /* auth parameter(s) error... send abort */
155 sctp_abort_association(inp, stcb, m, iphlen, sh, NULL, vrf_id, 156 table_id);	154 sctp_abort_association(inp, stcb, m, iphlen, sh, NULL, vrf_id);
157 if (stcb) 158 abort_no_unlock = 1; 159* return; 160 } 161 /* send an INIT-ACK w/cookie / 162* SCTPDBG(SCTP_DEBUG_INPUT3, "sctp_handle_init: sending INIT-ACK\n");	155 if (stcb) 156 abort_no_unlock = 1; 157* return; 158 } 159 /* send an INIT-ACK w/cookie / 160* SCTPDBG(SCTP_DEBUG_INPUT3, "sctp_handle_init: sending INIT-ACK\n");
163 sctp_send_initiate_ack(inp, stcb, m, iphlen, offset, sh, cp, vrf_id, 164 table_id);	161 sctp_send_initiate_ack(inp, stcb, m, iphlen, offset, sh, cp, vrf_id);
165} 166 167/* 168 * process peer "INIT/INIT-ACK" chunk returns value < 0 on error 169 / 170static int 171sctp_process_init(struct sctp_init_chunk cp, struct sctp_tcb stcb, 172* struct sctp_nets net) --- 128 unchanged lines hidden* (view full) --- 301} 302 303/* 304 * INIT-ACK message processing/consumption returns value < 0 on error 305 / 306static int 307sctp_process_init_ack(struct mbuf m, int iphlen, int offset, 308 struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,	162} 163 164/* 165 * process peer "INIT/INIT-ACK" chunk returns value < 0 on error 166 / 167static int 168sctp_process_init(struct sctp_init_chunk cp, struct sctp_tcb stcb, 169* struct sctp_nets net) --- 128 unchanged lines hidden* (view full) --- 298} 299 300/* 301 * INIT-ACK message processing/consumption returns value < 0 on error 302 / 303static int 304sctp_process_init_ack(struct mbuf m, int iphlen, int offset, 305 struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,
309 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id, 310 uint32_t table_id)	306 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id)
311{ 312 struct sctp_association asoc; 313* struct mbuf op_err; 314* int retval, abort_flag; 315 uint32_t initack_limit; 316 317 /* First verify that we have no illegal param's / 318* abort_flag = 0; --- 19 unchanged lines hidden (view full) --- 338 if ((retval = sctp_load_addresses_from_init(stcb, m, iphlen, 339 (offset + sizeof(struct sctp_init_chunk)), initack_limit, sh, 340 NULL))) { 341 /* Huh, we should abort / 342* SCTPDBG(SCTP_DEBUG_INPUT1, 343 "Load addresses from INIT causes an abort %d\n", 344 retval); 345 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	307{ 308 struct sctp_association asoc; 309* struct mbuf op_err; 310* int retval, abort_flag; 311 uint32_t initack_limit; 312 313 /* First verify that we have no illegal param's / 314* abort_flag = 0; --- 19 unchanged lines hidden (view full) --- 334 if ((retval = sctp_load_addresses_from_init(stcb, m, iphlen, 335 (offset + sizeof(struct sctp_init_chunk)), initack_limit, sh, 336 NULL))) { 337 /* Huh, we should abort / 338* SCTPDBG(SCTP_DEBUG_INPUT1, 339 "Load addresses from INIT causes an abort %d\n", 340 retval); 341 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
346 NULL, 0, 0);	342 NULL, 0);
347 abort_no_unlock = 1; 348* return (-1); 349 } 350 stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs, 351 stcb->asoc.local_hmacs); 352 if (op_err) { 353 sctp_queue_op_err(stcb, op_err); 354 /* queuing will steal away the mbuf chain to the out queue / --- 40 unchanged lines hidden* (view full) --- 395 /* Subtract the reserved param / 396* mp->length = 397 htons(sizeof(struct sctp_inv_mandatory_param) - 2); 398 mp->num_param = htonl(1); 399 mp->param = htons(SCTP_STATE_COOKIE); 400 mp->resv = 0; 401 } 402 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen,	343 abort_no_unlock = 1; 344* return (-1); 345 } 346 stcb->asoc.peer_hmac_id = sctp_negotiate_hmacid(stcb->asoc.peer_hmacs, 347 stcb->asoc.local_hmacs); 348 if (op_err) { 349 sctp_queue_op_err(stcb, op_err); 350 /* queuing will steal away the mbuf chain to the out queue / --- 40 unchanged lines hidden* (view full) --- 391 /* Subtract the reserved param / 392* mp->length = 393 htons(sizeof(struct sctp_inv_mandatory_param) - 2); 394 mp->num_param = htonl(1); 395 mp->param = htons(SCTP_STATE_COOKIE); 396 mp->resv = 0; 397 } 398 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen,
403 sh, op_err, 0, 0);	399 sh, op_err, 0);
404 abort_no_unlock = 1; 405* } 406 return (retval); 407 } 408 return (0); 409} 410 411static void --- 442 unchanged lines hidden (view full) --- 854 phdr = (struct sctp_paramhdr )((caddr_t)phdr + adjust); 855* } 856 return (0); 857} 858 859static int 860sctp_handle_init_ack(struct mbuf m, int iphlen, int offset, 861* struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,	400 abort_no_unlock = 1; 401* } 402 return (retval); 403 } 404 return (0); 405} 406 407static void --- 442 unchanged lines hidden (view full) --- 850 phdr = (struct sctp_paramhdr )((caddr_t)phdr + adjust); 851* } 852 return (0); 853} 854 855static int 856sctp_handle_init_ack(struct mbuf m, int iphlen, int offset, 857* struct sctphdr sh, struct sctp_init_ack_chunk cp, struct sctp_tcb *stcb,
862 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id, 863 uint32_t table_id)	858 struct sctp_nets net, int abort_no_unlock, uint32_t vrf_id)
864{ 865 struct sctp_init_ack init_ack; 866* int state; 867* struct mbuf op_err; 868* 869 SCTPDBG(SCTP_DEBUG_INPUT2, 870 "sctp_handle_init_ack: handling INIT-ACK\n"); 871 872 if (stcb == NULL) { 873 SCTPDBG(SCTP_DEBUG_INPUT2, 874 "sctp_handle_init_ack: TCB is null\n"); 875 return (-1); 876 } 877 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_ack_chunk)) { 878 /* Invalid length / 879* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 880 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	859{ 860 struct sctp_init_ack init_ack; 861* int state; 862* struct mbuf op_err; 863* 864 SCTPDBG(SCTP_DEBUG_INPUT2, 865 "sctp_handle_init_ack: handling INIT-ACK\n"); 866 867 if (stcb == NULL) { 868 SCTPDBG(SCTP_DEBUG_INPUT2, 869 "sctp_handle_init_ack: TCB is null\n"); 870 return (-1); 871 } 872 if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_ack_chunk)) { 873 /* Invalid length / 874* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 875 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
881 op_err, 0, 0);	876 op_err, 0);
882 abort_no_unlock = 1; 883* return (-1); 884 } 885 init_ack = &cp->init; 886 /* validate parameters / 887* if (init_ack->initiate_tag == 0) { 888 /* protocol error... send an abort / 889* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 890 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	877 abort_no_unlock = 1; 878* return (-1); 879 } 880 init_ack = &cp->init; 881 /* validate parameters / 882* if (init_ack->initiate_tag == 0) { 883 /* protocol error... send an abort / 884* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 885 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
891 op_err, 0, 0);	886 op_err, 0);
892 abort_no_unlock = 1; 893* return (-1); 894 } 895 if (ntohl(init_ack->a_rwnd) < SCTP_MIN_RWND) { 896 /* protocol error... send an abort / 897* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 898 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	887 abort_no_unlock = 1; 888* return (-1); 889 } 890 if (ntohl(init_ack->a_rwnd) < SCTP_MIN_RWND) { 891 /* protocol error... send an abort / 892* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 893 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
899 op_err, 0, 0);	894 op_err, 0);
900 abort_no_unlock = 1; 901* return (-1); 902 } 903 if (init_ack->num_inbound_streams == 0) { 904 /* protocol error... send an abort / 905* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 906 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	895 abort_no_unlock = 1; 896* return (-1); 897 } 898 if (init_ack->num_inbound_streams == 0) { 899 /* protocol error... send an abort / 900* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 901 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
907 op_err, 0, 0);	902 op_err, 0);
908 abort_no_unlock = 1; 909* return (-1); 910 } 911 if (init_ack->num_outbound_streams == 0) { 912 /* protocol error... send an abort / 913* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 914 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,	903 abort_no_unlock = 1; 904* return (-1); 905 } 906 if (init_ack->num_outbound_streams == 0) { 907 /* protocol error... send an abort / 908* op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); 909 sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh,
915 op_err, 0, 0);	910 op_err, 0);
916 abort_no_unlock = 1; 917* return (-1); 918 } 919 /* process according to association state... / 920* state = &stcb->asoc.state; 921 switch (state & SCTP_STATE_MASK) { 922* case SCTP_STATE_COOKIE_WAIT: 923 /* this is the expected state for this chunk / --- 7 unchanged lines hidden* (view full) --- 931 * though. 932 / 933* stcb->asoc.primary_destination->dest_state &= 934 ~SCTP_ADDR_UNCONFIRMED; 935 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_CONFIRMED, 936 stcb, 0, (void )stcb->asoc.primary_destination); 937* } 938 if (sctp_process_init_ack(m, iphlen, offset, sh, cp, stcb,	911 abort_no_unlock = 1; 912* return (-1); 913 } 914 /* process according to association state... / 915* state = &stcb->asoc.state; 916 switch (state & SCTP_STATE_MASK) { 917* case SCTP_STATE_COOKIE_WAIT: 918 /* this is the expected state for this chunk / --- 7 unchanged lines hidden* (view full) --- 926 * though. 927 / 928* stcb->asoc.primary_destination->dest_state &= 929 ~SCTP_ADDR_UNCONFIRMED; 930 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_CONFIRMED, 931 stcb, 0, (void )stcb->asoc.primary_destination); 932* } 933 if (sctp_process_init_ack(m, iphlen, offset, sh, cp, stcb,
939 net, abort_no_unlock, vrf_id, 940 table_id) < 0) {	934 net, abort_no_unlock, vrf_id) < 0) {
941 /* error in parsing parameters / 942* return (-1); 943 } 944 /* update our state / 945* SCTPDBG(SCTP_DEBUG_INPUT2, "moving to COOKIE-ECHOED state\n"); 946 if (state & SCTP_STATE_SHUTDOWN_PENDING) { 947* state = SCTP_STATE_COOKIE_ECHOED \| 948* SCTP_STATE_SHUTDOWN_PENDING; --- 42 unchanged lines hidden (view full) --- 991 * "split" mbuf and the cookie signature does not exist offset: offset into 992 * mbuf to the cookie-echo chunk 993 / 994static struct sctp_tcb 995sctp_process_cookie_existing(struct mbuf m, int iphlen, int offset, 996* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 997 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets net, 998* struct sockaddr init_src, int notification, sctp_assoc_t * sac_assoc_id,	935 /* error in parsing parameters / 936* return (-1); 937 } 938 /* update our state / 939* SCTPDBG(SCTP_DEBUG_INPUT2, "moving to COOKIE-ECHOED state\n"); 940 if (state & SCTP_STATE_SHUTDOWN_PENDING) { 941* state = SCTP_STATE_COOKIE_ECHOED \| 942* SCTP_STATE_SHUTDOWN_PENDING; --- 42 unchanged lines hidden (view full) --- 985 * "split" mbuf and the cookie signature does not exist offset: offset into 986 * mbuf to the cookie-echo chunk 987 / 988static struct sctp_tcb 989sctp_process_cookie_existing(struct mbuf m, int iphlen, int offset, 990* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 991 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets net, 992* struct sockaddr init_src, int notification, sctp_assoc_t * sac_assoc_id,
999 uint32_t vrf_id, uint32_t table_id)	993 uint32_t vrf_id)
1000{ 1001 struct sctp_association asoc; 1002* struct sctp_init_chunk init_cp, init_buf; 1003* struct sctp_init_ack_chunk initack_cp, initack_buf; 1004* int chk_length; 1005 int init_offset, initack_offset, i; 1006 int retval; 1007 int spec_flag = 0; --- 25 unchanged lines hidden (view full) --- 1033 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctphdr)); 1034 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctp_chunkhdr)); 1035 /* Set the len / 1036* SCTP_BUF_LEN(op_err) = sizeof(struct sctp_paramhdr); 1037 ph = mtod(op_err, struct sctp_paramhdr ); 1038* ph->param_type = htons(SCTP_CAUSE_COOKIE_IN_SHUTDOWN); 1039 ph->param_length = htons(sizeof(struct sctp_paramhdr)); 1040 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,	994{ 995 struct sctp_association asoc; 996* struct sctp_init_chunk init_cp, init_buf; 997* struct sctp_init_ack_chunk initack_cp, initack_buf; 998* int chk_length; 999 int init_offset, initack_offset, i; 1000 int retval; 1001 int spec_flag = 0; --- 25 unchanged lines hidden (view full) --- 1027 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctphdr)); 1028 SCTP_BUF_RESV_UF(op_err, sizeof(struct sctp_chunkhdr)); 1029 /* Set the len / 1030* SCTP_BUF_LEN(op_err) = sizeof(struct sctp_paramhdr); 1031 ph = mtod(op_err, struct sctp_paramhdr ); 1032* ph->param_type = htons(SCTP_CAUSE_COOKIE_IN_SHUTDOWN); 1033 ph->param_length = htons(sizeof(struct sctp_paramhdr)); 1034 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,
1041 vrf_id, table_id);	1035 vrf_id);
1042 if (how_indx < sizeof(asoc->cookie_how)) 1043 asoc->cookie_how[how_indx] = 2; 1044 return (NULL); 1045 } 1046 /* 1047 * find and validate the INIT chunk in the cookie (peer's info) the 1048 * INIT should start after the cookie-echo header struct (chunk 1049 * header, state cookie header struct) --- 418 unchanged lines hidden (view full) --- 1468 * was from returns a new TCB 1469 / 1470static struct sctp_tcb 1471sctp_process_cookie_new(struct mbuf m, int iphlen, int offset, 1472* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 1473 struct sctp_inpcb inp, struct sctp_nets netp, 1474* struct sockaddr init_src, int notification, 1475 int auth_skipped, uint32_t auth_offset, uint32_t auth_len,	1036 if (how_indx < sizeof(asoc->cookie_how)) 1037 asoc->cookie_how[how_indx] = 2; 1038 return (NULL); 1039 } 1040 /* 1041 * find and validate the INIT chunk in the cookie (peer's info) the 1042 * INIT should start after the cookie-echo header struct (chunk 1043 * header, state cookie header struct) --- 418 unchanged lines hidden (view full) --- 1462 * was from returns a new TCB 1463 / 1464static struct sctp_tcb 1465sctp_process_cookie_new(struct mbuf m, int iphlen, int offset, 1466* struct sctphdr sh, struct sctp_state_cookie cookie, int cookie_len, 1467 struct sctp_inpcb inp, struct sctp_nets netp, 1468* struct sockaddr init_src, int notification, 1469 int auth_skipped, uint32_t auth_offset, uint32_t auth_len,
1476 uint32_t vrf_id, uint32_t table_id)	1470 uint32_t vrf_id)
1477{ 1478 struct sctp_tcb stcb; 1479* struct sctp_init_chunk init_cp, init_buf; 1480* struct sctp_init_ack_chunk initack_cp, initack_buf; 1481* struct sockaddr_storage sa_store; 1482 struct sockaddr initack_src = (struct sockaddr )&sa_store; 1483 struct sockaddr_in sin; 1484* struct sockaddr_in6 sin6; --- 60 unchanged lines hidden* (view full) --- 1545 struct mbuf op_err; 1546* 1547 /* memory problem? / 1548* SCTPDBG(SCTP_DEBUG_INPUT1, 1549 "process_cookie_new: no room for another TCB!\n"); 1550 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1551 1552 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,	1471{ 1472 struct sctp_tcb stcb; 1473* struct sctp_init_chunk init_cp, init_buf; 1474* struct sctp_init_ack_chunk initack_cp, initack_buf; 1475* struct sockaddr_storage sa_store; 1476 struct sockaddr initack_src = (struct sockaddr )&sa_store; 1477 struct sockaddr_in sin; 1478* struct sockaddr_in6 sin6; --- 60 unchanged lines hidden* (view full) --- 1539 struct mbuf op_err; 1540* 1541 /* memory problem? / 1542* SCTPDBG(SCTP_DEBUG_INPUT1, 1543 "process_cookie_new: no room for another TCB!\n"); 1544 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1545 1546 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,
1553 sh, op_err, vrf_id, table_id);	1547 sh, op_err, vrf_id);
1554 return (NULL); 1555 } 1556 /* get the correct sctp_nets / 1557* if (netp) 1558 netp = sctp_findnet(stcb, init_src); 1559* 1560 asoc = &stcb->asoc;	1548 return (NULL); 1549 } 1550 /* get the correct sctp_nets / 1551* if (netp) 1552 netp = sctp_findnet(stcb, init_src); 1553* 1554 asoc = &stcb->asoc;
1561 /* save the table id (vrf_id is done in aloc_assoc) / 1562* asoc->table_id = table_id;
1563 /* get scope variables out of cookie / 1564* asoc->ipv4_local_scope = cookie->ipv4_scope; 1565 asoc->site_scope = cookie->site_scope; 1566 asoc->local_scope = cookie->local_scope; 1567 asoc->loopback_scope = cookie->loopback_scope; 1568 1569 if ((asoc->ipv4_addr_legal != cookie->ipv4_addr_legal) \|\| 1570 (asoc->ipv6_addr_legal != cookie->ipv6_addr_legal)) { 1571 struct mbuf op_err; 1572* 1573 /* 1574 * Houston we have a problem. The EP changed while the 1575 * cookie was in flight. Only recourse is to abort the 1576 * association. 1577 / 1578* atomic_add_int(&stcb->asoc.refcnt, 1); 1579 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1580 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,	1555 /* get scope variables out of cookie / 1556* asoc->ipv4_local_scope = cookie->ipv4_scope; 1557 asoc->site_scope = cookie->site_scope; 1558 asoc->local_scope = cookie->local_scope; 1559 asoc->loopback_scope = cookie->loopback_scope; 1560 1561 if ((asoc->ipv4_addr_legal != cookie->ipv4_addr_legal) \|\| 1562 (asoc->ipv6_addr_legal != cookie->ipv6_addr_legal)) { 1563 struct mbuf op_err; 1564* 1565 /* 1566 * Houston we have a problem. The EP changed while the 1567 * cookie was in flight. Only recourse is to abort the 1568 * association. 1569 / 1570* atomic_add_int(&stcb->asoc.refcnt, 1); 1571 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 1572 sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen,
1581 sh, op_err, vrf_id, table_id);	1573 sh, op_err, vrf_id);
1582 atomic_add_int(&stcb->asoc.refcnt, -1); 1583 return (NULL); 1584 } 1585 /* process the INIT-ACK info (my info) / 1586* old_tag = asoc->my_vtag; 1587 asoc->assoc_id = asoc->my_vtag = ntohl(initack_cp->init.initiate_tag); 1588 asoc->my_rwnd = ntohl(initack_cp->init.a_rwnd); 1589 asoc->pre_open_streams = ntohs(initack_cp->init.num_outbound_streams); --- 148 unchanged lines hidden (view full) --- 1738 * handles a COOKIE-ECHO message stcb: modified to either a new or left as 1739 * existing (non-NULL) TCB 1740 / 1741static struct mbuf 1742sctp_handle_cookie_echo(struct mbuf m, int iphlen, int offset, 1743* struct sctphdr sh, struct sctp_cookie_echo_chunk cp, 1744 struct sctp_inpcb inp_p, struct sctp_tcb stcb, struct sctp_nets *netp, 1745* int auth_skipped, uint32_t auth_offset, uint32_t auth_len,	1574 atomic_add_int(&stcb->asoc.refcnt, -1); 1575 return (NULL); 1576 } 1577 /* process the INIT-ACK info (my info) / 1578* old_tag = asoc->my_vtag; 1579 asoc->assoc_id = asoc->my_vtag = ntohl(initack_cp->init.initiate_tag); 1580 asoc->my_rwnd = ntohl(initack_cp->init.a_rwnd); 1581 asoc->pre_open_streams = ntohs(initack_cp->init.num_outbound_streams); --- 148 unchanged lines hidden (view full) --- 1730 * handles a COOKIE-ECHO message stcb: modified to either a new or left as 1731 * existing (non-NULL) TCB 1732 / 1733static struct mbuf 1734sctp_handle_cookie_echo(struct mbuf m, int iphlen, int offset, 1735* struct sctphdr sh, struct sctp_cookie_echo_chunk cp, 1736 struct sctp_inpcb inp_p, struct sctp_tcb stcb, struct sctp_nets *netp, 1737* int auth_skipped, uint32_t auth_offset, uint32_t auth_len,
1746 struct sctp_tcb **locked_tcb, uint32_t vrf_id, uint32_t table_id)	1738 struct sctp_tcb **locked_tcb, uint32_t vrf_id)
1747{ 1748 struct sctp_state_cookie cookie; 1749* struct sockaddr_in6 sin6; 1750 struct sockaddr_in sin; 1751 struct sctp_tcb l_stcb = stcb; 1752 struct sctp_inpcb l_inp; 1753* struct sockaddr to; 1754* sctp_assoc_t sac_restart_id; --- 190 unchanged lines hidden (view full) --- 1945 (sizeof(uint32_t)))); 1946 /* seconds to usec / 1947* tim = (now.tv_sec - time_expires.tv_sec) * 1000000; 1948 /* add in usec / 1949* if (tim == 0) 1950 tim = now.tv_usec - cookie->time_entered.tv_usec; 1951 scm->time_usec = htonl(tim); 1952 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,	1739{ 1740 struct sctp_state_cookie cookie; 1741* struct sockaddr_in6 sin6; 1742 struct sockaddr_in sin; 1743 struct sctp_tcb l_stcb = stcb; 1744 struct sctp_inpcb l_inp; 1745* struct sockaddr to; 1746* sctp_assoc_t sac_restart_id; --- 190 unchanged lines hidden (view full) --- 1937 (sizeof(uint32_t)))); 1938 /* seconds to usec / 1939* tim = (now.tv_sec - time_expires.tv_sec) * 1000000; 1940 /* add in usec / 1941* if (tim == 0) 1942 tim = now.tv_usec - cookie->time_entered.tv_usec; 1943 scm->time_usec = htonl(tim); 1944 sctp_send_operr_to(m, iphlen, op_err, cookie->peers_vtag,
1953 vrf_id, table_id);	1945 vrf_id);
1954 return (NULL); 1955 } 1956 /* 1957 * Now we must see with the lookup address if we have an existing 1958 * asoc. This will only happen if we were in the COOKIE-WAIT state 1959 * and a INIT collided with us and somewhere the peer sent the 1960 * cookie on another address besides the single address our assoc 1961 * had for him. In this case we will have one of the tie-tags set at --- 63 unchanged lines hidden (view full) --- 2025 if (to == NULL) 2026 return (NULL); 2027 2028 cookie_len -= SCTP_SIGNATURE_SIZE; 2029 if (stcb == NULL) { 2030* /* this is the "normal" case... get a new TCB / 2031* stcb = sctp_process_cookie_new(m, iphlen, offset, sh, cookie, 2032* cookie_len, *inp_p, netp, to, &notification,	1946 return (NULL); 1947 } 1948 /* 1949 * Now we must see with the lookup address if we have an existing 1950 * asoc. This will only happen if we were in the COOKIE-WAIT state 1951 * and a INIT collided with us and somewhere the peer sent the 1952 * cookie on another address besides the single address our assoc 1953 * had for him. In this case we will have one of the tie-tags set at --- 63 unchanged lines hidden (view full) --- 2017 if (to == NULL) 2018 return (NULL); 2019 2020 cookie_len -= SCTP_SIGNATURE_SIZE; 2021 if (stcb == NULL) { 2022* /* this is the "normal" case... get a new TCB / 2023* stcb = sctp_process_cookie_new(m, iphlen, offset, sh, cookie, 2024* cookie_len, *inp_p, netp, to, &notification,
2033 auth_skipped, auth_offset, auth_len, vrf_id, table_id);	2025 auth_skipped, auth_offset, auth_len, vrf_id);
2034 } else { 2035 /* this is abnormal... cookie-echo on existing TCB / 2036* had_a_existing_tcb = 1; 2037 *stcb = sctp_process_cookie_existing(m, iphlen, offset, sh,	2026 } else { 2027 /* this is abnormal... cookie-echo on existing TCB / 2028* had_a_existing_tcb = 1; 2029 *stcb = sctp_process_cookie_existing(m, iphlen, offset, sh,
2038 cookie, cookie_len, inp_p, stcb, netp, to, &notification, 2039* &sac_restart_id, vrf_id, table_id);	2030 cookie, cookie_len, inp_p, stcb, netp, to, 2031* &notification, &sac_restart_id, vrf_id);
2040 } 2041 2042 if (stcb == NULL) { 2043* /* still no TCB... must be bad cookie-echo / 2044* return (NULL); 2045 } 2046 /* 2047 * Ok, we built an association so confirm the address we sent the --- 58 unchanged lines hidden (view full) --- 2106 SCTP_INP_WUNLOCK((stcb)->sctp_ep); 2107* if (so == NULL) { 2108 struct mbuf op_err; 2109* 2110 /* Too many sockets / 2111* SCTPDBG(SCTP_DEBUG_INPUT1, "process_cookie_new: no room for another socket!\n"); 2112 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 2113 sctp_abort_association(*inp_p, NULL, m, iphlen,	2032 } 2033 2034 if (stcb == NULL) { 2035* /* still no TCB... must be bad cookie-echo / 2036* return (NULL); 2037 } 2038 /* 2039 * Ok, we built an association so confirm the address we sent the --- 58 unchanged lines hidden (view full) --- 2098 SCTP_INP_WUNLOCK((stcb)->sctp_ep); 2099* if (so == NULL) { 2100 struct mbuf op_err; 2101* 2102 /* Too many sockets / 2103* SCTPDBG(SCTP_DEBUG_INPUT1, "process_cookie_new: no room for another socket!\n"); 2104 op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); 2105 sctp_abort_association(*inp_p, NULL, m, iphlen,
2114 sh, op_err, vrf_id, 2115 table_id);	2106 sh, op_err, vrf_id);
2116 sctp_free_assoc(inp_p, stcb, SCTP_NORMAL_PROC, SCTP_FROM_SCTP_INPUT + SCTP_LOC_20); 2117 return (NULL); 2118 } 2119 inp = (struct sctp_inpcb )so->so_pcb; 2120* SCTP_INP_INCR_REF(inp); 2121 /* 2122 * We add the unbound flag here so that if we get an 2123 * soabort() before we get the move_pcb done, we --- 1323 unchanged lines hidden (view full) --- 3447 / 3448#ifdef __GNUC__ 3449__attribute__((noinline)) 3450#endif 3451* static struct sctp_tcb * 3452 sctp_process_control(struct mbuf m, int iphlen, int offset, int length, 3453 struct sctphdr sh, struct sctp_chunkhdr ch, struct sctp_inpcb inp, 3454* struct sctp_tcb stcb, struct sctp_nets netp, int fwd_tsn_seen,	2107 sctp_free_assoc(inp_p, stcb, SCTP_NORMAL_PROC, SCTP_FROM_SCTP_INPUT + SCTP_LOC_20); 2108 return (NULL); 2109 } 2110 inp = (struct sctp_inpcb )so->so_pcb; 2111* SCTP_INP_INCR_REF(inp); 2112 /* 2113 * We add the unbound flag here so that if we get an 2114 * soabort() before we get the move_pcb done, we --- 1323 unchanged lines hidden (view full) --- 3438 / 3439#ifdef __GNUC__ 3440__attribute__((noinline)) 3441#endif 3442* static struct sctp_tcb * 3443 sctp_process_control(struct mbuf m, int iphlen, int offset, int length, 3444 struct sctphdr sh, struct sctp_chunkhdr ch, struct sctp_inpcb inp, 3445* struct sctp_tcb stcb, struct sctp_nets netp, int fwd_tsn_seen,
3455 uint32_t vrf_id, uint32_t table_id)	3446 uint32_t vrf_id)
3456{ 3457 struct sctp_association asoc; 3458* uint32_t vtag_in; 3459 int num_chunks = 0; /* number of control chunks processed / 3460* uint32_t chk_length; 3461 int ret; 3462 int abort_no_unlock = 0; 3463 --- 114 unchanged lines hidden (view full) --- 3578 /* remaining chunks are HMAC checked / 3579* stcb->asoc.authenticated = 1; 3580 } 3581 } 3582 } 3583 if (stcb == NULL) { 3584 /* no association, so it's out of the blue... / 3585* sctp_handle_ootb(m, iphlen, *offset, sh, inp, NULL,	3447{ 3448 struct sctp_association asoc; 3449* uint32_t vtag_in; 3450 int num_chunks = 0; /* number of control chunks processed / 3451* uint32_t chk_length; 3452 int ret; 3453 int abort_no_unlock = 0; 3454 --- 114 unchanged lines hidden (view full) --- 3569 /* remaining chunks are HMAC checked / 3570* stcb->asoc.authenticated = 1; 3571 } 3572 } 3573 } 3574 if (stcb == NULL) { 3575 /* no association, so it's out of the blue... / 3576* sctp_handle_ootb(m, iphlen, *offset, sh, inp, NULL,
3586 vrf_id, table_id);	3577 vrf_id);
3587 offset = length; 3588* if (locked_tcb) { 3589 SCTP_TCB_UNLOCK(locked_tcb); 3590 } 3591 return (NULL); 3592 } 3593 asoc = &stcb->asoc; 3594 /* ABORT and SHUTDOWN can use either v_tag... / --- 20 unchanged lines hidden* (view full) --- 3615 * is still hung; we have started a new asoc 3616 * but it won't complete until the shutdown 3617 * is completed 3618 / 3619* if (locked_tcb) { 3620 SCTP_TCB_UNLOCK(locked_tcb); 3621 } 3622 sctp_handle_ootb(m, iphlen, *offset, sh, inp,	3578 offset = length; 3579* if (locked_tcb) { 3580 SCTP_TCB_UNLOCK(locked_tcb); 3581 } 3582 return (NULL); 3583 } 3584 asoc = &stcb->asoc; 3585 /* ABORT and SHUTDOWN can use either v_tag... / --- 20 unchanged lines hidden* (view full) --- 3606 * is still hung; we have started a new asoc 3607 * but it won't complete until the shutdown 3608 * is completed 3609 / 3610* if (locked_tcb) { 3611 SCTP_TCB_UNLOCK(locked_tcb); 3612 } 3613 sctp_handle_ootb(m, iphlen, *offset, sh, inp,
3623 NULL, vrf_id, table_id);	3614 NULL, vrf_id);
3624 return (NULL); 3625 } 3626 } else { 3627 /* for all other chunks, vtag must match / 3628* if (vtag_in != asoc->my_vtag) { 3629 /* invalid vtag... / 3630* SCTPDBG(SCTP_DEBUG_INPUT3, 3631 "invalid vtag: %xh, expect %xh\n", --- 175 unchanged lines hidden (view full) --- 3807 if (locked_tcb) { 3808 SCTP_TCB_UNLOCK(locked_tcb); 3809 } 3810 return (NULL); 3811 } 3812 if (netp) { 3813 sctp_handle_init(m, iphlen, offset, sh, 3814* (struct sctp_init_chunk *)ch, inp,	3615 return (NULL); 3616 } 3617 } else { 3618 /* for all other chunks, vtag must match / 3619* if (vtag_in != asoc->my_vtag) { 3620 /* invalid vtag... / 3621* SCTPDBG(SCTP_DEBUG_INPUT3, 3622 "invalid vtag: %xh, expect %xh\n", --- 175 unchanged lines hidden (view full) --- 3798 if (locked_tcb) { 3799 SCTP_TCB_UNLOCK(locked_tcb); 3800 } 3801 return (NULL); 3802 } 3803 if (netp) { 3804 sctp_handle_init(m, iphlen, offset, sh, 3805* (struct sctp_init_chunk *)ch, inp,
3815 stcb, *netp, &abort_no_unlock, vrf_id, table_id);	3806 stcb, *netp, &abort_no_unlock, vrf_id);
3816 } 3817 if (abort_no_unlock) 3818 return (NULL); 3819 3820 offset = length; 3821* if (locked_tcb) { 3822 SCTP_TCB_UNLOCK(locked_tcb); 3823 } --- 22 unchanged lines hidden (view full) --- 3846 offset = length; 3847* if (locked_tcb) { 3848 SCTP_TCB_UNLOCK(locked_tcb); 3849 } 3850 return (NULL); 3851 } 3852 if ((netp) && (netp)) { 3853* ret = sctp_handle_init_ack(m, iphlen, *offset, sh,	3807 } 3808 if (abort_no_unlock) 3809 return (NULL); 3810 3811 offset = length; 3812* if (locked_tcb) { 3813 SCTP_TCB_UNLOCK(locked_tcb); 3814 } --- 22 unchanged lines hidden (view full) --- 3837 offset = length; 3838* if (locked_tcb) { 3839 SCTP_TCB_UNLOCK(locked_tcb); 3840 } 3841 return (NULL); 3842 } 3843 if ((netp) && (netp)) { 3844* ret = sctp_handle_init_ack(m, iphlen, *offset, sh,
3854 (struct sctp_init_ack_chunk )ch, stcb, netp, &abort_no_unlock, vrf_id, table_id);	3845 (struct sctp_init_ack_chunk )ch, stcb, netp, &abort_no_unlock, vrf_id);
3855 } else { 3856 ret = -1; 3857 } 3858 /* 3859 * Special case, I must call the output routine to 3860 * get the cookie echoed 3861 / 3862* if (abort_no_unlock) --- 160 unchanged lines hidden (view full) --- 4023 * special case, is this a retran'd 4024 * COOKIE-ECHO or a restarting assoc 4025 * that is a peeled off or 4026 * one-to-one style socket. 4027 / 4028* goto process_cookie_anyway; 4029 } 4030 sctp_abort_association(inp, stcb, m, iphlen,	3846 } else { 3847 ret = -1; 3848 } 3849 /* 3850 * Special case, I must call the output routine to 3851 * get the cookie echoed 3852 / 3853* if (abort_no_unlock) --- 160 unchanged lines hidden (view full) --- 4014 * special case, is this a retran'd 4015 * COOKIE-ECHO or a restarting assoc 4016 * that is a peeled off or 4017 * one-to-one style socket. 4018 / 4019* goto process_cookie_anyway; 4020 } 4021 sctp_abort_association(inp, stcb, m, iphlen,
4031 sh, NULL, vrf_id, 4032 table_id);	4022 sh, NULL, vrf_id);
4033 offset = length; 4034* return (NULL); 4035 } else if (inp->sctp_socket->so_qlimit) { 4036 /* we are accepting so check limits like TCP / 4037* if (inp->sctp_socket->so_qlen > 4038 inp->sctp_socket->so_qlimit) { 4039 /* no space / 4040* struct mbuf oper; --- 9 unchanged lines hidden* (view full) --- 4050 phdr = mtod(oper, 4051 struct sctp_paramhdr ); 4052* phdr->param_type = 4053 htons(SCTP_CAUSE_OUT_OF_RESC); 4054 phdr->param_length = 4055 htons(sizeof(struct sctp_paramhdr)); 4056 } 4057 sctp_abort_association(inp, stcb, m,	4023 offset = length; 4024* return (NULL); 4025 } else if (inp->sctp_socket->so_qlimit) { 4026 /* we are accepting so check limits like TCP / 4027* if (inp->sctp_socket->so_qlen > 4028 inp->sctp_socket->so_qlimit) { 4029 /* no space / 4030* struct mbuf oper; --- 9 unchanged lines hidden* (view full) --- 4040 phdr = mtod(oper, 4041 struct sctp_paramhdr ); 4042* phdr->param_type = 4043 htons(SCTP_CAUSE_OUT_OF_RESC); 4044 phdr->param_length = 4045 htons(sizeof(struct sctp_paramhdr)); 4046 } 4047 sctp_abort_association(inp, stcb, m,
4058 iphlen, sh, oper, vrf_id, table_id);	4048 iphlen, sh, oper, vrf_id);
4059 } 4060 offset = length; 4061* return (NULL); 4062 } 4063 } 4064 process_cookie_anyway: 4065 { 4066 struct mbuf ret_buf; --- 13 unchanged lines hidden* (view full) --- 4080 sctp_handle_cookie_echo(m, iphlen, 4081 offset, sh, 4082* (struct sctp_cookie_echo_chunk )ch, 4083* &inp, &stcb, netp, 4084 auth_skipped, 4085 auth_offset, 4086 auth_len, 4087 &locked_tcb,	4049 } 4050 offset = length; 4051* return (NULL); 4052 } 4053 } 4054 process_cookie_anyway: 4055 { 4056 struct mbuf ret_buf; --- 13 unchanged lines hidden* (view full) --- 4070 sctp_handle_cookie_echo(m, iphlen, 4071 offset, sh, 4072* (struct sctp_cookie_echo_chunk )ch, 4073* &inp, &stcb, netp, 4074 auth_skipped, 4075 auth_offset, 4076 auth_len, 4077 &locked_tcb,
4088 vrf_id, 4089 table_id);	4078 vrf_id);
4090 } else { 4091 ret_buf = NULL; 4092 } 4093 if (linp) { 4094 SCTP_ASOC_CREATE_UNLOCK(linp); 4095 } 4096 if (ret_buf == NULL) { 4097 if (locked_tcb) { --- 380 unchanged lines hidden (view full) --- 4478 4479/* 4480 * common input chunk processing (v4 and v6) 4481 / 4482void 4483sctp_common_input_processing(struct mbuf mm, int iphlen, int offset, 4484* int length, struct sctphdr sh, struct sctp_chunkhdr ch, 4485 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets *net,	4079 } else { 4080 ret_buf = NULL; 4081 } 4082 if (linp) { 4083 SCTP_ASOC_CREATE_UNLOCK(linp); 4084 } 4085 if (ret_buf == NULL) { 4086 if (locked_tcb) { --- 380 unchanged lines hidden (view full) --- 4467 4468/* 4469 * common input chunk processing (v4 and v6) 4470 / 4471void 4472sctp_common_input_processing(struct mbuf mm, int iphlen, int offset, 4473* int length, struct sctphdr sh, struct sctp_chunkhdr ch, 4474 struct sctp_inpcb inp, struct sctp_tcb stcb, struct sctp_nets *net,
4486 uint8_t ecn_bits, uint32_t vrf_id, uint32_t table_id)	4475 uint8_t ecn_bits, uint32_t vrf_id)
4487{ 4488 /* 4489 * Control chunk processing 4490 / 4491* uint32_t high_tsn; 4492 int fwd_tsn_seen = 0, data_processed = 0; 4493 struct mbuf m = mm; 4494 int abort_flag = 0; --- 12 unchanged lines hidden (view full) --- 4507 /* always clear this before beginning a packet / 4508* stcb->asoc.authenticated = 0; 4509 stcb->asoc.seen_a_sack_this_pkt = 0; 4510 } 4511 if (IS_SCTP_CONTROL(ch)) { 4512 /* process the control portion of the SCTP packet / 4513* /* sa_ignore NO_NULL_CHK / 4514* stcb = sctp_process_control(m, iphlen, &offset, length, sh, ch,	4476{ 4477 /* 4478 * Control chunk processing 4479 / 4480* uint32_t high_tsn; 4481 int fwd_tsn_seen = 0, data_processed = 0; 4482 struct mbuf m = mm; 4483 int abort_flag = 0; --- 12 unchanged lines hidden (view full) --- 4496 /* always clear this before beginning a packet / 4497* stcb->asoc.authenticated = 0; 4498 stcb->asoc.seen_a_sack_this_pkt = 0; 4499 } 4500 if (IS_SCTP_CONTROL(ch)) { 4501 /* process the control portion of the SCTP packet / 4502* /* sa_ignore NO_NULL_CHK / 4503* stcb = sctp_process_control(m, iphlen, &offset, length, sh, ch,
4515 inp, stcb, &net, &fwd_tsn_seen, vrf_id, table_id);	4504 inp, stcb, &net, &fwd_tsn_seen, vrf_id);
4516 if (stcb) { 4517 /* 4518 * This covers us if the cookie-echo was there and 4519 * it changes our INP. 4520 / 4521* inp = stcb->sctp_ep; 4522 } 4523 } else { --- 13 unchanged lines hidden (view full) --- 4537 /* "silently" ignore / 4538* SCTP_STAT_INCR(sctps_recvauthmissing); 4539 SCTP_TCB_UNLOCK(stcb); 4540 return; 4541 } 4542 if (stcb == NULL) { 4543 /* out of the blue DATA chunk / 4544* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,	4505 if (stcb) { 4506 /* 4507 * This covers us if the cookie-echo was there and 4508 * it changes our INP. 4509 / 4510* inp = stcb->sctp_ep; 4511 } 4512 } else { --- 13 unchanged lines hidden (view full) --- 4526 /* "silently" ignore / 4527* SCTP_STAT_INCR(sctps_recvauthmissing); 4528 SCTP_TCB_UNLOCK(stcb); 4529 return; 4530 } 4531 if (stcb == NULL) { 4532 /* out of the blue DATA chunk / 4533* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,
4545 vrf_id, table_id);	4534 vrf_id);
4546 return; 4547 } 4548 if (stcb->asoc.my_vtag != ntohl(sh->v_tag)) { 4549 /* v_tag mismatch! / 4550* SCTP_STAT_INCR(sctps_badvtag); 4551 SCTP_TCB_UNLOCK(stcb); 4552 return; 4553 } --- 44 unchanged lines hidden (view full) --- 4598 stcb->asoc.overall_error_count = 0; 4599 sctp_handle_cookie_ack((struct sctp_cookie_ack_chunk )ch, stcb, net); 4600* break; 4601 case SCTP_STATE_COOKIE_WAIT: 4602 /* 4603 * We consider OOTB any data sent during asoc setup. 4604 / 4605* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,	4535 return; 4536 } 4537 if (stcb->asoc.my_vtag != ntohl(sh->v_tag)) { 4538 /* v_tag mismatch! / 4539* SCTP_STAT_INCR(sctps_badvtag); 4540 SCTP_TCB_UNLOCK(stcb); 4541 return; 4542 } --- 44 unchanged lines hidden (view full) --- 4587 stcb->asoc.overall_error_count = 0; 4588 sctp_handle_cookie_ack((struct sctp_cookie_ack_chunk )ch, stcb, net); 4589* break; 4590 case SCTP_STATE_COOKIE_WAIT: 4591 /* 4592 * We consider OOTB any data sent during asoc setup. 4593 / 4594* sctp_handle_ootb(m, iphlen, offset, sh, inp, NULL,
4606 vrf_id, table_id);	4595 vrf_id);
4607 SCTP_TCB_UNLOCK(stcb); 4608 return; 4609 break; 4610 case SCTP_STATE_EMPTY: /* should not happen / 4611* case SCTP_STATE_INUSE: /* should not happen / 4612* case SCTP_STATE_SHUTDOWN_RECEIVED: /* This is a peer error / 4613* case SCTP_STATE_SHUTDOWN_ACK_SENT: 4614 default: --- 85 unchanged lines hidden (view full) --- 4700 4701{ 4702#ifdef SCTP_MBUF_LOGGING 4703 struct mbuf mat; 4704* 4705#endif 4706 struct mbuf m; 4707* int iphlen;	4596 SCTP_TCB_UNLOCK(stcb); 4597 return; 4598 break; 4599 case SCTP_STATE_EMPTY: /* should not happen / 4600* case SCTP_STATE_INUSE: /* should not happen / 4601* case SCTP_STATE_SHUTDOWN_RECEIVED: /* This is a peer error / 4602* case SCTP_STATE_SHUTDOWN_ACK_SENT: 4603 default: --- 85 unchanged lines hidden (view full) --- 4689 4690{ 4691#ifdef SCTP_MBUF_LOGGING 4692 struct mbuf mat; 4693* 4694#endif 4695 struct mbuf m; 4696* int iphlen;
4708 uint32_t vrf_id = 0, table_id = 0;	4697 uint32_t vrf_id = 0;
4709 uint8_t ecn_bits; 4710 struct ip ip; 4711* struct sctphdr sh; 4712* struct sctp_inpcb inp = NULL; 4713* 4714 uint32_t check, calc_check; 4715 struct sctp_nets net; 4716* struct sctp_tcb stcb = NULL; 4717* struct sctp_chunkhdr ch; 4718* int refcount_up = 0; 4719 int length, mlen, offset; 4720 4721 4722 if (SCTP_GET_PKT_VRFID(i_pak, vrf_id)) { 4723 SCTP_RELEASE_PKT(i_pak); 4724 return; 4725 }	4698 uint8_t ecn_bits; 4699 struct ip ip; 4700* struct sctphdr sh; 4701* struct sctp_inpcb inp = NULL; 4702* 4703 uint32_t check, calc_check; 4704 struct sctp_nets net; 4705* struct sctp_tcb stcb = NULL; 4706* struct sctp_chunkhdr ch; 4707* int refcount_up = 0; 4708 int length, mlen, offset; 4709 4710 4711 if (SCTP_GET_PKT_VRFID(i_pak, vrf_id)) { 4712 SCTP_RELEASE_PKT(i_pak); 4713 return; 4714 }
4726 if (SCTP_GET_PKT_TABLEID(i_pak, table_id)) { 4727 SCTP_RELEASE_PKT(i_pak); 4728 return; 4729 }
4730 mlen = SCTP_HEADER_LEN(i_pak); 4731 iphlen = off; 4732 m = SCTP_HEADER_TO_CHAIN(i_pak); 4733 4734 net = NULL; 4735 SCTP_STAT_INCR(sctps_recvpackets); 4736 SCTP_STAT_INCR_COUNTER64(sctps_inpackets); 4737 --- 122 unchanged lines hidden (view full) --- 4860 / 4861* init_chk = (struct sctp_init_chunk )sctp_m_getptr(m, 4862* iphlen + sizeof(sh), sizeof(init_chk), 4863 (uint8_t ) & chunk_buf); 4864* if (init_chk != NULL) 4865 sh->v_tag = init_chk->init.initiate_tag; 4866 } 4867 if (ch->chunk_type == SCTP_SHUTDOWN_ACK) {	4715 mlen = SCTP_HEADER_LEN(i_pak); 4716 iphlen = off; 4717 m = SCTP_HEADER_TO_CHAIN(i_pak); 4718 4719 net = NULL; 4720 SCTP_STAT_INCR(sctps_recvpackets); 4721 SCTP_STAT_INCR_COUNTER64(sctps_inpackets); 4722 --- 122 unchanged lines hidden (view full) --- 4845 / 4846* init_chk = (struct sctp_init_chunk )sctp_m_getptr(m, 4847* iphlen + sizeof(sh), sizeof(init_chk), 4848 (uint8_t ) & chunk_buf); 4849* if (init_chk != NULL) 4850 sh->v_tag = init_chk->init.initiate_tag; 4851 } 4852 if (ch->chunk_type == SCTP_SHUTDOWN_ACK) {
4868 sctp_send_shutdown_complete2(m, iphlen, sh, vrf_id, 4869 table_id);	4853 sctp_send_shutdown_complete2(m, iphlen, sh, vrf_id);
4870 goto bad; 4871 } 4872 if (ch->chunk_type == SCTP_SHUTDOWN_COMPLETE) { 4873 goto bad; 4874 } 4875 if (ch->chunk_type != SCTP_ABORT_ASSOCIATION)	4854 goto bad; 4855 } 4856 if (ch->chunk_type == SCTP_SHUTDOWN_COMPLETE) { 4857 goto bad; 4858 } 4859 if (ch->chunk_type != SCTP_ABORT_ASSOCIATION)
4876 sctp_send_abort(m, iphlen, sh, 0, NULL, vrf_id, 4877 table_id);	4860 sctp_send_abort(m, iphlen, sh, 0, NULL, vrf_id);
4878 goto bad; 4879 } else if (stcb == NULL) { 4880 refcount_up = 1; 4881 } 4882#ifdef IPSEC 4883 /* 4884 * I very much doubt any of the IPSEC stuff will work but I have no 4885 * idea, so I will leave it in place. --- 11 unchanged lines hidden (view full) --- 4897 / 4898* length = ip->ip_len + iphlen; 4899 offset -= sizeof(struct sctp_chunkhdr); 4900 4901 ecn_bits = ip->ip_tos; 4902 4903 /* sa_ignore NO_NULL_CHK / 4904* sctp_common_input_processing(&m, iphlen, offset, length, sh, ch,	4861 goto bad; 4862 } else if (stcb == NULL) { 4863 refcount_up = 1; 4864 } 4865#ifdef IPSEC 4866 /* 4867 * I very much doubt any of the IPSEC stuff will work but I have no 4868 * idea, so I will leave it in place. --- 11 unchanged lines hidden (view full) --- 4880 / 4881* length = ip->ip_len + iphlen; 4882 offset -= sizeof(struct sctp_chunkhdr); 4883 4884 ecn_bits = ip->ip_tos; 4885 4886 /* sa_ignore NO_NULL_CHK / 4887* sctp_common_input_processing(&m, iphlen, offset, length, sh, ch,
4905 inp, stcb, net, ecn_bits, vrf_id, 4906 table_id);	4888 inp, stcb, net, ecn_bits, vrf_id);
4907 /* inp's ref-count reduced && stcb unlocked / 4908* if (m) { 4909 sctp_m_freem(m); 4910 } 4911 if ((inp) && (refcount_up)) { 4912 /* reduce ref-count / 4913* SCTP_INP_WLOCK(inp); 4914 SCTP_INP_DECR_REF(inp); --- 18 unchanged lines hidden ---	4889 /* inp's ref-count reduced && stcb unlocked / 4890* if (m) { 4891 sctp_m_freem(m); 4892 } 4893 if ((inp) && (refcount_up)) { 4894 /* reduce ref-count / 4895* SCTP_INP_WLOCK(inp); 4896 SCTP_INP_DECR_REF(inp); --- 18 unchanged lines hidden ---