in6_proto.c revision 78064
1/* $FreeBSD: head/sys/netinet6/in6_proto.c 78064 2001-06-11 12:39:29Z ume $ */ 2/* $KAME: in6_proto.c,v 1.91 2001/05/27 13:28:35 itojun Exp $ */ 3 4/* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33/* 34 * Copyright (c) 1982, 1986, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by the University of 48 * California, Berkeley and its contributors. 49 * 4. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)in_proto.c 8.1 (Berkeley) 6/10/93 66 */ 67 68#include "opt_inet.h" 69#include "opt_inet6.h" 70#include "opt_ipsec.h" 71 72#include <sys/param.h> 73#include <sys/socket.h> 74#include <sys/socketvar.h> 75#include <sys/protosw.h> 76#include <sys/kernel.h> 77#include <sys/domain.h> 78#include <sys/mbuf.h> 79#include <sys/systm.h> 80#include <sys/sysctl.h> 81 82#include <net/if.h> 83#include <net/radix.h> 84#include <net/route.h> 85 86#include <netinet/in.h> 87#include <netinet/in_systm.h> 88#include <netinet/in_var.h> 89#include <netinet/ip_encap.h> 90#include <netinet/ip.h> 91#include <netinet/ip_var.h> 92#include <netinet/ip6.h> 93#include <netinet6/ip6_var.h> 94#include <netinet/icmp6.h> 95 96#include <netinet/tcp.h> 97#include <netinet/tcp_timer.h> 98#include <netinet/tcp_var.h> 99#include <netinet/udp.h> 100#include <netinet/udp_var.h> 101#include <netinet6/tcp6_var.h> 102#include <netinet6/raw_ip6.h> 103#include <netinet6/udp6_var.h> 104#include <netinet6/pim6_var.h> 105#include <netinet6/nd6.h> 106#include <netinet6/in6_prefix.h> 107 108#ifdef IPSEC 109#include <netinet6/ipsec.h> 110#ifdef INET6 111#include <netinet6/ipsec6.h> 112#endif 113#include <netinet6/ah.h> 114#ifdef INET6 115#include <netinet6/ah6.h> 116#endif 117#ifdef IPSEC_ESP 118#include <netinet6/esp.h> 119#ifdef INET6 120#include <netinet6/esp6.h> 121#endif 122#endif 123#include <netinet6/ipcomp.h> 124#ifdef INET6 125#include <netinet6/ipcomp6.h> 126#endif 127#endif /*IPSEC*/ 128 129#include <netinet6/ip6protosw.h> 130 131#include "gif.h" 132#if NGIF > 0 133#include <netinet6/in6_gif.h> 134#endif 135 136#include <net/net_osdep.h> 137 138/* 139 * TCP/IP protocol family: IP6, ICMP6, UDP, TCP. 140 */ 141 142extern struct domain inet6domain; 143static struct pr_usrreqs nousrreqs; 144 145#define PR_LISTEN 0 146#define PR_ABRTACPTDIS 0 147 148struct ip6protosw inet6sw[] = { 149{ 0, &inet6domain, IPPROTO_IPV6, 0, 150 0, 0, 0, 0, 151 0, 152 ip6_init, 0, frag6_slowtimo, frag6_drain, 153 &nousrreqs, 154}, 155{ SOCK_DGRAM, &inet6domain, IPPROTO_UDP, PR_ATOMIC|PR_ADDR, 156 udp6_input, 0, udp6_ctlinput, ip6_ctloutput, 157 0, 158 0, 0, 0, 0, 159 &udp6_usrreqs, 160}, 161{ SOCK_STREAM, &inet6domain, IPPROTO_TCP, PR_CONNREQUIRED|PR_WANTRCVD|PR_LISTEN, 162 tcp6_input, 0, tcp6_ctlinput, tcp_ctloutput, 163 0, 164#ifdef INET /* don't call initialization and timeout routines twice */ 165 0, 0, 0, tcp_drain, 166#else 167 tcp_init, tcp_fasttimo, tcp_slowtimo, tcp_drain, 168#endif 169 &tcp6_usrreqs, 170}, 171{ SOCK_RAW, &inet6domain, IPPROTO_RAW, PR_ATOMIC|PR_ADDR, 172 rip6_input, rip6_output, rip6_ctlinput, rip6_ctloutput, 173 0, 174 0, 0, 0, 0, 175 &rip6_usrreqs 176}, 177{ SOCK_RAW, &inet6domain, IPPROTO_ICMPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 178 icmp6_input, rip6_output, rip6_ctlinput, rip6_ctloutput, 179 0, 180 icmp6_init, icmp6_fasttimo, 0, 0, 181 &rip6_usrreqs 182}, 183{ SOCK_RAW, &inet6domain, IPPROTO_DSTOPTS,PR_ATOMIC|PR_ADDR, 184 dest6_input, 0, 0, 0, 185 0, 186 0, 0, 0, 0, 187 &nousrreqs 188}, 189{ SOCK_RAW, &inet6domain, IPPROTO_ROUTING,PR_ATOMIC|PR_ADDR, 190 route6_input, 0, 0, 0, 191 0, 192 0, 0, 0, 0, 193 &nousrreqs 194}, 195{ SOCK_RAW, &inet6domain, IPPROTO_FRAGMENT,PR_ATOMIC|PR_ADDR, 196 frag6_input, 0, 0, 0, 197 0, 198 0, 0, 0, 0, 199 &nousrreqs 200}, 201#ifdef IPSEC 202{ SOCK_RAW, &inet6domain, IPPROTO_AH, PR_ATOMIC|PR_ADDR, 203 ah6_input, 0, 0, 0, 204 0, 205 0, 0, 0, 0, 206 &nousrreqs, 207}, 208#ifdef IPSEC_ESP 209{ SOCK_RAW, &inet6domain, IPPROTO_ESP, PR_ATOMIC|PR_ADDR, 210 esp6_input, 0, 211 esp6_ctlinput, 212 0, 213 0, 214 0, 0, 0, 0, 215 &nousrreqs, 216}, 217#endif 218{ SOCK_RAW, &inet6domain, IPPROTO_IPCOMP, PR_ATOMIC|PR_ADDR, 219 ipcomp6_input, 0, 0, 0, 220 0, 221 0, 0, 0, 0, 222 &nousrreqs, 223}, 224#endif /* IPSEC */ 225#ifdef INET 226{ SOCK_RAW, &inet6domain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 227 encap6_input, rip6_output, 0, rip6_ctloutput, 228 0, 229 encap_init, 0, 0, 0, 230 &rip6_usrreqs 231}, 232#endif /*INET*/ 233{ SOCK_RAW, &inet6domain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 234 encap6_input, rip6_output, 0, rip6_ctloutput, 235 0, 236 encap_init, 0, 0, 0, 237 &rip6_usrreqs 238}, 239{ SOCK_RAW, &inet6domain, IPPROTO_PIM, PR_ATOMIC|PR_ADDR|PR_LASTHDR, 240 pim6_input, rip6_output, 0, rip6_ctloutput, 241 0, 242 0, 0, 0, 0, 243 &rip6_usrreqs 244}, 245/* raw wildcard */ 246{ SOCK_RAW, &inet6domain, 0, PR_ATOMIC|PR_ADDR, 247 rip6_input, rip6_output, 0, rip6_ctloutput, 248 0, 249 0, 0, 0, 0, 250 &rip6_usrreqs 251}, 252}; 253 254#if NGIF > 0 255struct ip6protosw in6_gif_protosw = 256{ SOCK_RAW, &inet6domain, 0/*IPPROTO_IPV[46]*/, PR_ATOMIC|PR_ADDR, 257 in6_gif_input, rip6_output, 0, rip6_ctloutput, 258 0, 259 0, 0, 0, 0, 260 &rip6_usrreqs 261}; 262#endif /*NGIF*/ 263 264extern int in6_inithead __P((void **, int)); 265 266struct domain inet6domain = 267 { AF_INET6, "internet6", 0, 0, 0, 268 (struct protosw *)inet6sw, 269 (struct protosw *)&inet6sw[sizeof(inet6sw)/sizeof(inet6sw[0])], 0, 270 in6_inithead, 271 offsetof(struct sockaddr_in6, sin6_addr) << 3, 272 sizeof(struct sockaddr_in6) }; 273 274DOMAIN_SET(inet6); 275 276/* 277 * Internet configuration info 278 */ 279#ifndef IPV6FORWARDING 280#ifdef GATEWAY6 281#define IPV6FORWARDING 1 /* forward IP6 packets not for us */ 282#else 283#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */ 284#endif /* GATEWAY6 */ 285#endif /* !IPV6FORWARDING */ 286 287#ifndef IPV6_SENDREDIRECTS 288#define IPV6_SENDREDIRECTS 1 289#endif 290 291int ip6_forwarding = IPV6FORWARDING; /* act as router? */ 292int ip6_sendredirects = IPV6_SENDREDIRECTS; 293int ip6_defhlim = IPV6_DEFHLIM; 294int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; 295int ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */ 296int ip6_maxfragpackets; /* initialized in frag6.c:frag6_init() */ 297int ip6_log_interval = 5; 298int ip6_hdrnestlimit = 50; /* appropriate? */ 299int ip6_dad_count = 1; /* DupAddrDetectionTransmits */ 300u_int32_t ip6_flow_seq; 301int ip6_auto_flowlabel = 1; 302#if NGIF > 0 303int ip6_gif_hlim = GIF_HLIM; 304#else 305int ip6_gif_hlim = 0; 306#endif 307int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */ 308int ip6_rr_prune = 5; /* router renumbering prefix 309 * walk list every 5 sec. */ 310int ip6_v6only = 0; 311 312u_int32_t ip6_id = 0UL; 313int ip6_keepfaith = 0; 314time_t ip6_log_time = (time_t)0L; 315 316/* icmp6 */ 317/* 318 * BSDI4 defines these variables in in_proto.c... 319 * XXX: what if we don't define INET? Should we define pmtu6_expire 320 * or so? (jinmei@kame.net 19990310) 321 */ 322int pmtu_expire = 60*10; 323int pmtu_probe = 60*2; 324 325/* raw IP6 parameters */ 326/* 327 * Nominal space allocated to a raw ip socket. 328 */ 329#define RIPV6SNDQ 8192 330#define RIPV6RCVQ 8192 331 332u_long rip6_sendspace = RIPV6SNDQ; 333u_long rip6_recvspace = RIPV6RCVQ; 334 335/* ICMPV6 parameters */ 336int icmp6_rediraccept = 1; /* accept and process redirects */ 337int icmp6_redirtimeout = 10 * 60; /* 10 minutes */ 338int icmp6errppslim = 100; /* 100pps */ 339int icmp6_nodeinfo = 3; /* enable/disable NI response */ 340 341/* UDP on IP6 parameters */ 342int udp6_sendspace = 9216; /* really max datagram size */ 343int udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6)); 344 /* 40 1K datagrams */ 345 346/* 347 * sysctl related items. 348 */ 349SYSCTL_NODE(_net, PF_INET6, inet6, CTLFLAG_RW, 0, 350 "Internet6 Family"); 351 352/* net.inet6 */ 353SYSCTL_NODE(_net_inet6, IPPROTO_IPV6, ip6, CTLFLAG_RW, 0, "IP6"); 354SYSCTL_NODE(_net_inet6, IPPROTO_ICMPV6, icmp6, CTLFLAG_RW, 0, "ICMP6"); 355SYSCTL_NODE(_net_inet6, IPPROTO_UDP, udp6, CTLFLAG_RW, 0, "UDP6"); 356SYSCTL_NODE(_net_inet6, IPPROTO_TCP, tcp6, CTLFLAG_RW, 0, "TCP6"); 357#ifdef IPSEC 358SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW, 0, "IPSEC6"); 359#endif /* IPSEC */ 360 361/* net.inet6.ip6 */ 362static int 363sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS) 364{ 365 int error = 0; 366 int old; 367 368 error = SYSCTL_OUT(req, arg1, sizeof(int)); 369 if (error || !req->newptr) 370 return (error); 371 old = ip6_temp_preferred_lifetime; 372 error = SYSCTL_IN(req, arg1, sizeof(int)); 373 if (ip6_temp_preferred_lifetime < 374 ip6_desync_factor + ip6_temp_regen_advance) { 375 ip6_temp_preferred_lifetime = old; 376 return(EINVAL); 377 } 378 return(error); 379} 380 381static int 382sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS) 383{ 384 int error = 0; 385 int old; 386 387 error = SYSCTL_OUT(req, arg1, sizeof(int)); 388 if (error || !req->newptr) 389 return (error); 390 old = ip6_temp_valid_lifetime; 391 error = SYSCTL_IN(req, arg1, sizeof(int)); 392 if (ip6_temp_valid_lifetime < ip6_temp_preferred_lifetime) { 393 ip6_temp_preferred_lifetime = old; 394 return(EINVAL); 395 } 396 return(error); 397} 398 399SYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING, 400 forwarding, CTLFLAG_RW, &ip6_forwarding, 0, ""); 401SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, 402 redirect, CTLFLAG_RW, &ip6_sendredirects, 0, ""); 403SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, 404 hlim, CTLFLAG_RW, &ip6_defhlim, 0, ""); 405SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, 406 maxfragpackets, CTLFLAG_RW, &ip6_maxfragpackets, 0, ""); 407SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, 408 accept_rtadv, CTLFLAG_RW, &ip6_accept_rtadv, 0, ""); 409SYSCTL_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, 410 keepfaith, CTLFLAG_RW, &ip6_keepfaith, 0, ""); 411SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, 412 log_interval, CTLFLAG_RW, &ip6_log_interval, 0, ""); 413SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, 414 hdrnestlimit, CTLFLAG_RW, &ip6_hdrnestlimit, 0, ""); 415SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, 416 dad_count, CTLFLAG_RW, &ip6_dad_count, 0, ""); 417SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, 418 auto_flowlabel, CTLFLAG_RW, &ip6_auto_flowlabel, 0, ""); 419SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, 420 defmcasthlim, CTLFLAG_RW, &ip6_defmcasthlim, 0, ""); 421SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, 422 gifhlim, CTLFLAG_RW, &ip6_gif_hlim, 0, ""); 423SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, 424 kame_version, CTLFLAG_RD, __KAME_VERSION, 0, ""); 425SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, 426 use_deprecated, CTLFLAG_RW, &ip6_use_deprecated, 0, ""); 427SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, 428 rr_prune, CTLFLAG_RW, &ip6_rr_prune, 0, ""); 429SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR, 430 use_tempaddr, CTLFLAG_RW, &ip6_use_tempaddr, 0, ""); 431SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime, 432 CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_preferred_lifetime, 0, 433 sysctl_ip6_temppltime, "I", ""); 434SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime, 435 CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_valid_lifetime, 0, 436 sysctl_ip6_tempvltime, "I", ""); 437SYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY, 438 v6only, CTLFLAG_RW, &ip6_v6only, 0, ""); 439SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL, 440 auto_linklocal, CTLFLAG_RW, &ip6_auto_linklocal, 0, ""); 441SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats, CTLFLAG_RD, 442 &rip6stat, rip6stat, ""); 443 444/* net.inet6.icmp6 */ 445SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT, 446 rediraccept, CTLFLAG_RW, &icmp6_rediraccept, 0, ""); 447SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT, 448 redirtimeout, CTLFLAG_RW, &icmp6_redirtimeout, 0, ""); 449SYSCTL_STRUCT(_net_inet6_icmp6, ICMPV6CTL_STATS, stats, CTLFLAG_RD, 450 &icmp6stat, icmp6stat, ""); 451SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE, 452 nd6_prune, CTLFLAG_RW, &nd6_prune, 0, ""); 453SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DELAY, 454 nd6_delay, CTLFLAG_RW, &nd6_delay, 0, ""); 455SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES, 456 nd6_umaxtries, CTLFLAG_RW, &nd6_umaxtries, 0, ""); 457SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES, 458 nd6_mmaxtries, CTLFLAG_RW, &nd6_mmaxtries, 0, ""); 459SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK, 460 nd6_useloopback, CTLFLAG_RW, &nd6_useloopback, 0, ""); 461SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_NODEINFO, 462 nodeinfo, CTLFLAG_RW, &icmp6_nodeinfo, 0, ""); 463SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT, 464 errppslimit, CTLFLAG_RW, &icmp6errppslim, 0, ""); 465SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT, 466 nd6_maxnudhint, CTLFLAG_RW, &nd6_maxnudhint, 0, ""); 467SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG, 468 nd6_debug, CTLFLAG_RW, &nd6_debug, 0, ""); 469