sctp6_usrreq.c revision 169655
1163953Srrs/*- 2169382Srrs * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 3163953Srrs * 4163953Srrs * Redistribution and use in source and binary forms, with or without 5163953Srrs * modification, are permitted provided that the following conditions are met: 6163953Srrs * 7163953Srrs * a) Redistributions of source code must retain the above copyright notice, 8163953Srrs * this list of conditions and the following disclaimer. 9163953Srrs * 10163953Srrs * b) Redistributions in binary form must reproduce the above copyright 11163953Srrs * notice, this list of conditions and the following disclaimer in 12163953Srrs * the documentation and/or other materials provided with the distribution. 13163953Srrs * 14163953Srrs * c) Neither the name of Cisco Systems, Inc. nor the names of its 15163953Srrs * contributors may be used to endorse or promote products derived 16163953Srrs * from this software without specific prior written permission. 17163953Srrs * 18163953Srrs * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19163953Srrs * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 20163953Srrs * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21163953Srrs * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 22163953Srrs * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23163953Srrs * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24163953Srrs * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25163953Srrs * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26163953Srrs * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27163953Srrs * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 28163953Srrs * THE POSSIBILITY OF SUCH DAMAGE. 29163953Srrs */ 30163953Srrs/* $KAME: sctp6_usrreq.c,v 1.38 2005/08/24 08:08:56 suz Exp $ */ 31163954Srrs#include <sys/cdefs.h> 32163953Srrs__FBSDID("$FreeBSD: head/sys/netinet6/sctp6_usrreq.c 169655 2007-05-17 12:16:24Z rrs $"); 33163953Srrs 34168709Srrs 35166086Srrs#include <netinet/sctp_os.h> 36163953Srrs#include <sys/proc.h> 37163953Srrs#include <netinet/sctp_pcb.h> 38163953Srrs#include <netinet/sctp_header.h> 39163953Srrs#include <netinet/sctp_var.h> 40168709Srrs#if defined(INET6) 41168709Srrs#include <netinet6/sctp6_var.h> 42168709Srrs#endif 43167598Srrs#include <netinet/sctp_sysctl.h> 44163953Srrs#include <netinet/sctp_output.h> 45166086Srrs#include <netinet/sctp_uio.h> 46163953Srrs#include <netinet/sctp_asconf.h> 47166086Srrs#include <netinet/sctputil.h> 48166086Srrs#include <netinet/sctp_indata.h> 49166086Srrs#include <netinet/sctp_timer.h> 50166086Srrs#include <netinet/sctp_auth.h> 51168709Srrs#include <netinet/sctp_input.h> 52168709Srrs#include <netinet/sctp_output.h> 53163953Srrs 54163953Srrs 55163953Srrsextern struct protosw inetsw[]; 56163953Srrs 57163953Srrs 58163953Srrs 59168709Srrs 60163953Srrsint 61168709Srrssctp6_input(i_pak, offp, proto) 62168709Srrs struct mbuf **i_pak; 63163953Srrs int *offp; 64163953Srrs int proto; 65163953Srrs{ 66165647Srrs struct mbuf *m; 67163953Srrs struct ip6_hdr *ip6; 68163953Srrs struct sctphdr *sh; 69163953Srrs struct sctp_inpcb *in6p = NULL; 70163953Srrs struct sctp_nets *net; 71163953Srrs int refcount_up = 0; 72169352Srrs uint32_t check, calc_check; 73169352Srrs uint32_t vrf_id = 0, table_id = 0; 74163953Srrs struct inpcb *in6p_ip; 75163953Srrs struct sctp_chunkhdr *ch; 76163953Srrs int length, mlen, offset, iphlen; 77168299Srrs uint8_t ecn_bits; 78163953Srrs struct sctp_tcb *stcb = NULL; 79163953Srrs int off = *offp; 80163953Srrs 81169352Srrs /* get the VRF and table id's */ 82169352Srrs if (SCTP_GET_PKT_VRFID(*i_pak, vrf_id)) { 83169352Srrs SCTP_RELEASE_PKT(*i_pak); 84169352Srrs return (-1); 85169352Srrs } 86169352Srrs if (SCTP_GET_PKT_TABLEID(*i_pak, table_id)) { 87169352Srrs SCTP_RELEASE_PKT(*i_pak); 88169352Srrs return (-1); 89169352Srrs } 90168709Srrs m = SCTP_HEADER_TO_CHAIN(*i_pak); 91165647Srrs 92163953Srrs ip6 = mtod(m, struct ip6_hdr *); 93163953Srrs /* Ensure that (sctphdr + sctp_chunkhdr) in a row. */ 94163953Srrs IP6_EXTHDR_GET(sh, struct sctphdr *, m, off, sizeof(*sh) + sizeof(*ch)); 95163953Srrs if (sh == NULL) { 96163953Srrs SCTP_STAT_INCR(sctps_hdrops); 97163953Srrs return IPPROTO_DONE; 98163953Srrs } 99163953Srrs ch = (struct sctp_chunkhdr *)((caddr_t)sh + sizeof(struct sctphdr)); 100163953Srrs iphlen = off; 101163953Srrs offset = iphlen + sizeof(*sh) + sizeof(*ch); 102163953Srrs 103163953Srrs#if defined(NFAITH) && NFAITH > 0 104163953Srrs 105163953Srrs if (faithprefix_p != NULL && (*faithprefix_p) (&ip6->ip6_dst)) { 106163953Srrs /* XXX send icmp6 host/port unreach? */ 107163953Srrs goto bad; 108163953Srrs } 109163953Srrs#endif /* NFAITH defined and > 0 */ 110163953Srrs SCTP_STAT_INCR(sctps_recvpackets); 111163953Srrs SCTP_STAT_INCR_COUNTER64(sctps_inpackets); 112169420Srrs SCTPDBG(SCTP_DEBUG_INPUT1, "V6 input gets a packet iphlen:%d pktlen:%d\n", 113169420Srrs iphlen, SCTP_HEADER_LEN((*i_pak))); 114163953Srrs if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { 115163953Srrs /* No multi-cast support in SCTP */ 116163953Srrs goto bad; 117163953Srrs } 118163953Srrs /* destination port of 0 is illegal, based on RFC2960. */ 119163953Srrs if (sh->dest_port == 0) 120163953Srrs goto bad; 121163953Srrs if ((sctp_no_csum_on_loopback == 0) || 122165647Srrs (!SCTP_IS_IT_LOOPBACK(m))) { 123163953Srrs /* 124163953Srrs * we do NOT validate things from the loopback if the sysctl 125163953Srrs * is set to 1. 126163953Srrs */ 127163953Srrs check = sh->checksum; /* save incoming checksum */ 128163953Srrs if ((check == 0) && (sctp_no_csum_on_loopback)) { 129163953Srrs /* 130163953Srrs * special hook for where we got a local address 131163953Srrs * somehow routed across a non IFT_LOOP type 132163953Srrs * interface 133163953Srrs */ 134163953Srrs if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_src, &ip6->ip6_dst)) 135163953Srrs goto sctp_skip_csum; 136163953Srrs } 137163953Srrs sh->checksum = 0; /* prepare for calc */ 138163953Srrs calc_check = sctp_calculate_sum(m, &mlen, iphlen); 139163953Srrs if (calc_check != check) { 140169420Srrs SCTPDBG(SCTP_DEBUG_INPUT1, "Bad CSUM on SCTP packet calc_check:%x check:%x m:%p mlen:%d iphlen:%d\n", 141169420Srrs calc_check, check, m, mlen, iphlen); 142163953Srrs stcb = sctp_findassociation_addr(m, iphlen, offset - sizeof(*ch), 143168299Srrs sh, ch, &in6p, &net, vrf_id); 144163953Srrs /* in6p's ref-count increased && stcb locked */ 145163953Srrs if ((in6p) && (stcb)) { 146163953Srrs sctp_send_packet_dropped(stcb, net, m, iphlen, 1); 147163953Srrs sctp_chunk_output((struct sctp_inpcb *)in6p, stcb, 2); 148163953Srrs } else if ((in6p != NULL) && (stcb == NULL)) { 149163953Srrs refcount_up = 1; 150163953Srrs } 151163953Srrs SCTP_STAT_INCR(sctps_badsum); 152163953Srrs SCTP_STAT_INCR_COUNTER32(sctps_checksumerrors); 153163953Srrs goto bad; 154163953Srrs } 155163953Srrs sh->checksum = calc_check; 156165647Srrs } 157163953Srrssctp_skip_csum: 158163953Srrs net = NULL; 159163953Srrs /* 160163953Srrs * Locate pcb and tcb for datagram sctp_findassociation_addr() wants 161163953Srrs * IP/SCTP/first chunk header... 162163953Srrs */ 163163953Srrs stcb = sctp_findassociation_addr(m, iphlen, offset - sizeof(*ch), 164168299Srrs sh, ch, &in6p, &net, vrf_id); 165163953Srrs /* in6p's ref-count increased */ 166163953Srrs if (in6p == NULL) { 167163953Srrs struct sctp_init_chunk *init_chk, chunk_buf; 168163953Srrs 169163953Srrs SCTP_STAT_INCR(sctps_noport); 170163953Srrs if (ch->chunk_type == SCTP_INITIATION) { 171163953Srrs /* 172163953Srrs * we do a trick here to get the INIT tag, dig in 173163953Srrs * and get the tag from the INIT and put it in the 174163953Srrs * common header. 175163953Srrs */ 176163953Srrs init_chk = (struct sctp_init_chunk *)sctp_m_getptr(m, 177163953Srrs iphlen + sizeof(*sh), sizeof(*init_chk), 178168299Srrs (uint8_t *) & chunk_buf); 179169420Srrs if (init_chk) 180169420Srrs sh->v_tag = init_chk->init.initiate_tag; 181169420Srrs else 182169420Srrs sh->v_tag = 0; 183163953Srrs } 184165220Srrs if (ch->chunk_type == SCTP_SHUTDOWN_ACK) { 185169352Srrs sctp_send_shutdown_complete2(m, iphlen, sh, vrf_id, 186169352Srrs table_id); 187165220Srrs goto bad; 188165220Srrs } 189165220Srrs if (ch->chunk_type == SCTP_SHUTDOWN_COMPLETE) { 190165220Srrs goto bad; 191165220Srrs } 192165220Srrs if (ch->chunk_type != SCTP_ABORT_ASSOCIATION) 193169352Srrs sctp_send_abort(m, iphlen, sh, 0, NULL, vrf_id, 194169352Srrs table_id); 195163953Srrs goto bad; 196163953Srrs } else if (stcb == NULL) { 197163953Srrs refcount_up = 1; 198163953Srrs } 199163953Srrs in6p_ip = (struct inpcb *)in6p; 200163953Srrs#ifdef IPSEC 201163953Srrs /* 202163953Srrs * Check AH/ESP integrity. 203163953Srrs */ 204163996Srrs if (in6p_ip && (ipsec6_in_reject(m, in6p_ip))) { 205163953Srrs/* XXX */ 206163953Srrs ipsec6stat.in_polvio++; 207163953Srrs goto bad; 208163996Srrs } 209163953Srrs#endif /* IPSEC */ 210163953Srrs 211163953Srrs /* 212163953Srrs * CONTROL chunk processing 213163953Srrs */ 214163953Srrs offset -= sizeof(*ch); 215163953Srrs ecn_bits = ((ntohl(ip6->ip6_flow) >> 20) & 0x000000ff); 216165647Srrs 217165647Srrs /* Length now holds the total packet length payload + iphlen */ 218165647Srrs length = ntohs(ip6->ip6_plen) + iphlen; 219165647Srrs 220169655Srrs /* sa_ignore NO_NULL_CHK */ 221169378Srrs sctp_common_input_processing(&m, iphlen, offset, length, sh, ch, 222169352Srrs in6p, stcb, net, ecn_bits, vrf_id, table_id); 223163953Srrs /* inp's ref-count reduced && stcb unlocked */ 224163953Srrs /* XXX this stuff below gets moved to appropriate parts later... */ 225163953Srrs if (m) 226169352Srrs sctp_m_freem(m); 227163953Srrs if ((in6p) && refcount_up) { 228163953Srrs /* reduce ref-count */ 229163953Srrs SCTP_INP_WLOCK(in6p); 230163953Srrs SCTP_INP_DECR_REF(in6p); 231163953Srrs SCTP_INP_WUNLOCK(in6p); 232163953Srrs } 233163953Srrs return IPPROTO_DONE; 234163953Srrs 235163953Srrsbad: 236169420Srrs if (stcb) { 237163953Srrs SCTP_TCB_UNLOCK(stcb); 238169420Srrs } 239163953Srrs if ((in6p) && refcount_up) { 240163953Srrs /* reduce ref-count */ 241163953Srrs SCTP_INP_WLOCK(in6p); 242163953Srrs SCTP_INP_DECR_REF(in6p); 243163953Srrs SCTP_INP_WUNLOCK(in6p); 244163953Srrs } 245163953Srrs if (m) 246169352Srrs sctp_m_freem(m); 247163953Srrs return IPPROTO_DONE; 248163953Srrs} 249163953Srrs 250163953Srrs 251163953Srrsstatic void 252163953Srrssctp6_notify_mbuf(struct sctp_inpcb *inp, 253163953Srrs struct icmp6_hdr *icmp6, 254163953Srrs struct sctphdr *sh, 255163953Srrs struct sctp_tcb *stcb, 256163953Srrs struct sctp_nets *net) 257163953Srrs{ 258168299Srrs uint32_t nxtsz; 259163953Srrs 260163953Srrs if ((inp == NULL) || (stcb == NULL) || (net == NULL) || 261163953Srrs (icmp6 == NULL) || (sh == NULL)) { 262163953Srrs goto out; 263163953Srrs } 264163953Srrs /* First do we even look at it? */ 265163953Srrs if (ntohl(sh->v_tag) != (stcb->asoc.peer_vtag)) 266163953Srrs goto out; 267163953Srrs 268163953Srrs if (icmp6->icmp6_type != ICMP6_PACKET_TOO_BIG) { 269163953Srrs /* not PACKET TO BIG */ 270163953Srrs goto out; 271163953Srrs } 272163953Srrs /* 273163953Srrs * ok we need to look closely. We could even get smarter and look at 274163953Srrs * anyone that we sent to in case we get a different ICMP that tells 275163953Srrs * us there is no way to reach a host, but for this impl, all we 276163953Srrs * care about is MTU discovery. 277163953Srrs */ 278163953Srrs nxtsz = ntohl(icmp6->icmp6_mtu); 279163953Srrs /* Stop any PMTU timer */ 280165220Srrs sctp_timer_stop(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, NULL, SCTP_FROM_SCTP6_USRREQ + SCTP_LOC_1); 281163953Srrs 282163953Srrs /* Adjust destination size limit */ 283163953Srrs if (net->mtu > nxtsz) { 284163953Srrs net->mtu = nxtsz; 285163953Srrs } 286163953Srrs /* now what about the ep? */ 287163953Srrs if (stcb->asoc.smallest_mtu > nxtsz) { 288163953Srrs struct sctp_tmit_chunk *chk; 289163953Srrs 290163953Srrs /* Adjust that too */ 291163953Srrs stcb->asoc.smallest_mtu = nxtsz; 292163953Srrs /* now off to subtract IP_DF flag if needed */ 293163953Srrs 294163953Srrs TAILQ_FOREACH(chk, &stcb->asoc.send_queue, sctp_next) { 295168299Srrs if ((uint32_t) (chk->send_size + IP_HDR_SIZE) > nxtsz) { 296163953Srrs chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 297163953Srrs } 298163953Srrs } 299163953Srrs TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) { 300168299Srrs if ((uint32_t) (chk->send_size + IP_HDR_SIZE) > nxtsz) { 301163953Srrs /* 302163953Srrs * For this guy we also mark for immediate 303163953Srrs * resend since we sent to big of chunk 304163953Srrs */ 305163953Srrs chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 306163953Srrs if (chk->sent != SCTP_DATAGRAM_RESEND) 307163953Srrs stcb->asoc.sent_queue_retran_cnt++; 308163953Srrs chk->sent = SCTP_DATAGRAM_RESEND; 309163953Srrs chk->rec.data.doing_fast_retransmit = 0; 310163953Srrs 311163953Srrs chk->sent = SCTP_DATAGRAM_RESEND; 312163953Srrs /* Clear any time so NO RTT is being done */ 313163953Srrs chk->sent_rcv_time.tv_sec = 0; 314163953Srrs chk->sent_rcv_time.tv_usec = 0; 315163953Srrs stcb->asoc.total_flight -= chk->send_size; 316163953Srrs net->flight_size -= chk->send_size; 317163953Srrs } 318163953Srrs } 319163953Srrs } 320163953Srrs sctp_timer_start(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, NULL); 321163953Srrsout: 322169420Srrs if (stcb) { 323163953Srrs SCTP_TCB_UNLOCK(stcb); 324169420Srrs } 325163953Srrs} 326163953Srrs 327163953Srrs 328163953Srrsvoid 329163953Srrssctp6_ctlinput(cmd, pktdst, d) 330163953Srrs int cmd; 331163953Srrs struct sockaddr *pktdst; 332163953Srrs void *d; 333163953Srrs{ 334163953Srrs struct sctphdr sh; 335163953Srrs struct ip6ctlparam *ip6cp = NULL; 336167598Srrs uint32_t vrf_id; 337166086Srrs int cm; 338163953Srrs 339167598Srrs vrf_id = SCTP_DEFAULT_VRFID; 340167598Srrs 341163953Srrs if (pktdst->sa_family != AF_INET6 || 342163953Srrs pktdst->sa_len != sizeof(struct sockaddr_in6)) 343163953Srrs return; 344163953Srrs 345163953Srrs if ((unsigned)cmd >= PRC_NCMDS) 346163953Srrs return; 347163953Srrs if (PRC_IS_REDIRECT(cmd)) { 348163953Srrs d = NULL; 349163953Srrs } else if (inet6ctlerrmap[cmd] == 0) { 350163953Srrs return; 351163953Srrs } 352163953Srrs /* if the parameter is from icmp6, decode it. */ 353163953Srrs if (d != NULL) { 354163953Srrs ip6cp = (struct ip6ctlparam *)d; 355163953Srrs } else { 356163953Srrs ip6cp = (struct ip6ctlparam *)NULL; 357163953Srrs } 358163953Srrs 359163953Srrs if (ip6cp) { 360163953Srrs /* 361163953Srrs * XXX: We assume that when IPV6 is non NULL, M and OFF are 362163953Srrs * valid. 363163953Srrs */ 364163953Srrs /* check if we can safely examine src and dst ports */ 365163953Srrs struct sctp_inpcb *inp = NULL; 366163953Srrs struct sctp_tcb *stcb = NULL; 367163953Srrs struct sctp_nets *net = NULL; 368163953Srrs struct sockaddr_in6 final; 369163953Srrs 370165647Srrs if (ip6cp->ip6c_m == NULL) 371163953Srrs return; 372163953Srrs 373163953Srrs bzero(&sh, sizeof(sh)); 374163953Srrs bzero(&final, sizeof(final)); 375163953Srrs inp = NULL; 376163953Srrs net = NULL; 377163953Srrs m_copydata(ip6cp->ip6c_m, ip6cp->ip6c_off, sizeof(sh), 378163953Srrs (caddr_t)&sh); 379163953Srrs ip6cp->ip6c_src->sin6_port = sh.src_port; 380163953Srrs final.sin6_len = sizeof(final); 381163953Srrs final.sin6_family = AF_INET6; 382163953Srrs final.sin6_addr = ((struct sockaddr_in6 *)pktdst)->sin6_addr; 383163953Srrs final.sin6_port = sh.dest_port; 384163953Srrs stcb = sctp_findassociation_addr_sa((struct sockaddr *)ip6cp->ip6c_src, 385163953Srrs (struct sockaddr *)&final, 386167598Srrs &inp, &net, 1, vrf_id); 387163953Srrs /* inp's ref-count increased && stcb locked */ 388163953Srrs if (stcb != NULL && inp && (inp->sctp_socket != NULL)) { 389163953Srrs if (cmd == PRC_MSGSIZE) { 390163953Srrs sctp6_notify_mbuf(inp, 391163953Srrs ip6cp->ip6c_icmp6, 392163953Srrs &sh, 393163953Srrs stcb, 394163953Srrs net); 395163953Srrs /* inp's ref-count reduced && stcb unlocked */ 396163953Srrs } else { 397163953Srrs if (cmd == PRC_HOSTDEAD) { 398163953Srrs cm = EHOSTUNREACH; 399163953Srrs } else { 400163953Srrs cm = inet6ctlerrmap[cmd]; 401163953Srrs } 402163953Srrs sctp_notify(inp, cm, &sh, 403163953Srrs (struct sockaddr *)&final, 404163953Srrs stcb, net); 405163953Srrs /* inp's ref-count reduced && stcb unlocked */ 406163953Srrs } 407163953Srrs } else { 408163953Srrs if (PRC_IS_REDIRECT(cmd) && inp) { 409163953Srrs in6_rtchange((struct in6pcb *)inp, 410163953Srrs inet6ctlerrmap[cmd]); 411163953Srrs } 412163953Srrs if (inp) { 413163953Srrs /* reduce inp's ref-count */ 414163953Srrs SCTP_INP_WLOCK(inp); 415163953Srrs SCTP_INP_DECR_REF(inp); 416163953Srrs SCTP_INP_WUNLOCK(inp); 417163953Srrs } 418163953Srrs if (stcb) 419163953Srrs SCTP_TCB_UNLOCK(stcb); 420163953Srrs } 421163953Srrs } 422163953Srrs} 423163953Srrs 424163953Srrs/* 425163953Srrs * this routine can probably be collasped into the one in sctp_userreq.c 426163953Srrs * since they do the same thing and now we lookup with a sockaddr 427163953Srrs */ 428163953Srrsstatic int 429163953Srrssctp6_getcred(SYSCTL_HANDLER_ARGS) 430163953Srrs{ 431164085Srrs struct xucred xuc; 432163953Srrs struct sockaddr_in6 addrs[2]; 433163953Srrs struct sctp_inpcb *inp; 434163953Srrs struct sctp_nets *net; 435163953Srrs struct sctp_tcb *stcb; 436164085Srrs int error; 437167598Srrs uint32_t vrf_id; 438163953Srrs 439167598Srrs vrf_id = SCTP_DEFAULT_VRFID; 440167598Srrs 441164039Srwatson /* 442164039Srwatson * XXXRW: Other instances of getcred use SUSER_ALLOWJAIL, as socket 443164039Srwatson * visibility is scoped using cr_canseesocket(), which it is not 444164039Srwatson * here. 445164039Srwatson */ 446164039Srwatson error = priv_check_cred(req->td->td_ucred, PRIV_NETINET_RESERVEDPORT, 447164039Srwatson 0); 448163953Srrs if (error) 449163953Srrs return (error); 450163953Srrs 451163953Srrs if (req->newlen != sizeof(addrs)) 452163953Srrs return (EINVAL); 453163953Srrs if (req->oldlen != sizeof(struct ucred)) 454163953Srrs return (EINVAL); 455163953Srrs error = SYSCTL_IN(req, addrs, sizeof(addrs)); 456163953Srrs if (error) 457163953Srrs return (error); 458163953Srrs 459163953Srrs stcb = sctp_findassociation_addr_sa(sin6tosa(&addrs[0]), 460163953Srrs sin6tosa(&addrs[1]), 461167598Srrs &inp, &net, 1, vrf_id); 462163953Srrs if (stcb == NULL || inp == NULL || inp->sctp_socket == NULL) { 463164085Srrs if ((inp != NULL) && (stcb == NULL)) { 464164085Srrs /* reduce ref-count */ 465163953Srrs SCTP_INP_WLOCK(inp); 466163953Srrs SCTP_INP_DECR_REF(inp); 467164085Srrs goto cred_can_cont; 468163953Srrs } 469164085Srrs error = ENOENT; 470163953Srrs goto out; 471163953Srrs } 472163953Srrs SCTP_TCB_UNLOCK(stcb); 473164085Srrs /* 474164085Srrs * We use the write lock here, only since in the error leg we need 475164085Srrs * it. If we used RLOCK, then we would have to 476164085Srrs * wlock/decr/unlock/rlock. Which in theory could create a hole. 477164085Srrs * Better to use higher wlock. 478164085Srrs */ 479164085Srrs SCTP_INP_WLOCK(inp); 480164085Srrscred_can_cont: 481164085Srrs error = cr_canseesocket(req->td->td_ucred, inp->sctp_socket); 482164085Srrs if (error) { 483164085Srrs SCTP_INP_WUNLOCK(inp); 484164085Srrs goto out; 485164085Srrs } 486164085Srrs cru2x(inp->sctp_socket->so_cred, &xuc); 487164085Srrs SCTP_INP_WUNLOCK(inp); 488164085Srrs error = SYSCTL_OUT(req, &xuc, sizeof(struct xucred)); 489163953Srrsout: 490163953Srrs return (error); 491163953Srrs} 492163953Srrs 493163953SrrsSYSCTL_PROC(_net_inet6_sctp6, OID_AUTO, getcred, CTLTYPE_OPAQUE | CTLFLAG_RW, 494163953Srrs 0, 0, 495163953Srrs sctp6_getcred, "S,ucred", "Get the ucred of a SCTP6 connection"); 496163953Srrs 497163953Srrs 498163953Srrs/* This is the same as the sctp_abort() could be made common */ 499163953Srrsstatic void 500163953Srrssctp6_abort(struct socket *so) 501163953Srrs{ 502163953Srrs struct sctp_inpcb *inp; 503163953Srrs uint32_t flags; 504163953Srrs 505163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 506163953Srrs if (inp == 0) 507163953Srrs return; 508163953Srrssctp_must_try_again: 509163953Srrs flags = inp->sctp_flags; 510163953Srrs#ifdef SCTP_LOG_CLOSING 511163953Srrs sctp_log_closing(inp, NULL, 17); 512163953Srrs#endif 513163953Srrs if (((flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0) && 514163953Srrs (atomic_cmpset_int(&inp->sctp_flags, flags, (flags | SCTP_PCB_FLAGS_SOCKET_GONE | SCTP_PCB_FLAGS_CLOSE_IP)))) { 515163953Srrs#ifdef SCTP_LOG_CLOSING 516163953Srrs sctp_log_closing(inp, NULL, 16); 517163953Srrs#endif 518169380Srrs sctp_inpcb_free(inp, SCTP_FREE_SHOULD_USE_ABORT, 519169380Srrs SCTP_CALLED_AFTER_CMPSET_OFCLOSE); 520163953Srrs SOCK_LOCK(so); 521167695Srrs SCTP_SB_CLEAR(so->so_snd); 522163953Srrs /* 523163953Srrs * same for the rcv ones, they are only here for the 524163953Srrs * accounting/select. 525163953Srrs */ 526167695Srrs SCTP_SB_CLEAR(so->so_rcv); 527167695Srrs /* Now null out the reference, we are completely detached. */ 528163953Srrs so->so_pcb = NULL; 529163953Srrs SOCK_UNLOCK(so); 530163953Srrs } else { 531163953Srrs flags = inp->sctp_flags; 532163953Srrs if ((flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0) { 533163953Srrs goto sctp_must_try_again; 534163953Srrs } 535163953Srrs } 536163953Srrs return; 537163953Srrs} 538163953Srrs 539163953Srrsstatic int 540163953Srrssctp6_attach(struct socket *so, int proto, struct thread *p) 541163953Srrs{ 542163953Srrs struct in6pcb *inp6; 543166086Srrs int error; 544163953Srrs struct sctp_inpcb *inp; 545163953Srrs 546163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 547163953Srrs if (inp != NULL) 548163953Srrs return EINVAL; 549163953Srrs 550163953Srrs if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) { 551167695Srrs error = SCTP_SORESERVE(so, sctp_sendspace, sctp_recvspace); 552163953Srrs if (error) 553163953Srrs return error; 554163953Srrs } 555163953Srrs error = sctp_inpcb_alloc(so); 556163953Srrs if (error) 557163953Srrs return error; 558163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 559163953Srrs inp->sctp_flags |= SCTP_PCB_FLAGS_BOUND_V6; /* I'm v6! */ 560163953Srrs inp6 = (struct in6pcb *)inp; 561163953Srrs 562163953Srrs inp6->inp_vflag |= INP_IPV6; 563163953Srrs inp6->in6p_hops = -1; /* use kernel default */ 564163953Srrs inp6->in6p_cksum = -1; /* just to be sure */ 565163953Srrs#ifdef INET 566163953Srrs /* 567163953Srrs * XXX: ugly!! IPv4 TTL initialization is necessary for an IPv6 568163953Srrs * socket as well, because the socket may be bound to an IPv6 569163953Srrs * wildcard address, which may match an IPv4-mapped IPv6 address. 570163953Srrs */ 571163953Srrs inp6->inp_ip_ttl = ip_defttl; 572163953Srrs#endif 573163953Srrs /* 574163953Srrs * Hmm what about the IPSEC stuff that is missing here but in 575163953Srrs * sctp_attach()? 576163953Srrs */ 577163953Srrs return 0; 578163953Srrs} 579163953Srrs 580163953Srrsstatic int 581163953Srrssctp6_bind(struct socket *so, struct sockaddr *addr, struct thread *p) 582163953Srrs{ 583163953Srrs struct sctp_inpcb *inp; 584163953Srrs struct in6pcb *inp6; 585166086Srrs int error; 586163953Srrs 587163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 588163953Srrs if (inp == 0) 589163953Srrs return EINVAL; 590163953Srrs 591163953Srrs inp6 = (struct in6pcb *)inp; 592163953Srrs inp6->inp_vflag &= ~INP_IPV4; 593163953Srrs inp6->inp_vflag |= INP_IPV6; 594166023Srrs if ((addr != NULL) && (SCTP_IPV6_V6ONLY(inp6) == 0)) { 595163953Srrs if (addr->sa_family == AF_INET) { 596163953Srrs /* binding v4 addr to v6 socket, so reset flags */ 597163953Srrs inp6->inp_vflag |= INP_IPV4; 598163953Srrs inp6->inp_vflag &= ~INP_IPV6; 599163953Srrs } else { 600163953Srrs struct sockaddr_in6 *sin6_p; 601163953Srrs 602163953Srrs sin6_p = (struct sockaddr_in6 *)addr; 603163953Srrs 604163953Srrs if (IN6_IS_ADDR_UNSPECIFIED(&sin6_p->sin6_addr)) { 605163953Srrs inp6->inp_vflag |= INP_IPV4; 606163953Srrs } else if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) { 607163953Srrs struct sockaddr_in sin; 608163953Srrs 609163953Srrs in6_sin6_2_sin(&sin, sin6_p); 610163953Srrs inp6->inp_vflag |= INP_IPV4; 611163953Srrs inp6->inp_vflag &= ~INP_IPV6; 612163953Srrs error = sctp_inpcb_bind(so, (struct sockaddr *)&sin, p); 613163953Srrs return error; 614163953Srrs } 615163953Srrs } 616163953Srrs } else if (addr != NULL) { 617163953Srrs /* IPV6_V6ONLY socket */ 618163953Srrs if (addr->sa_family == AF_INET) { 619163953Srrs /* can't bind v4 addr to v6 only socket! */ 620163953Srrs return EINVAL; 621163953Srrs } else { 622163953Srrs struct sockaddr_in6 *sin6_p; 623163953Srrs 624163953Srrs sin6_p = (struct sockaddr_in6 *)addr; 625163953Srrs 626163953Srrs if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) 627163953Srrs /* can't bind v4-mapped addrs either! */ 628163953Srrs /* NOTE: we don't support SIIT */ 629163953Srrs return EINVAL; 630163953Srrs } 631163953Srrs } 632163953Srrs error = sctp_inpcb_bind(so, addr, p); 633163953Srrs return error; 634163953Srrs} 635163953Srrs 636163953Srrs 637163953Srrsstatic void 638163953Srrssctp6_close(struct socket *so) 639163953Srrs{ 640163953Srrs struct sctp_inpcb *inp; 641163953Srrs uint32_t flags; 642163953Srrs 643163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 644163953Srrs if (inp == 0) 645163953Srrs return; 646163953Srrs 647163953Srrs /* 648163953Srrs * Inform all the lower layer assoc that we are done. 649163953Srrs */ 650163953Srrssctp_must_try_again: 651163953Srrs flags = inp->sctp_flags; 652163953Srrs#ifdef SCTP_LOG_CLOSING 653163953Srrs sctp_log_closing(inp, NULL, 17); 654163953Srrs#endif 655163953Srrs if (((flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0) && 656163953Srrs (atomic_cmpset_int(&inp->sctp_flags, flags, (flags | SCTP_PCB_FLAGS_SOCKET_GONE | SCTP_PCB_FLAGS_CLOSE_IP)))) { 657163953Srrs if (((so->so_options & SO_LINGER) && (so->so_linger == 0)) || 658163953Srrs (so->so_rcv.sb_cc > 0)) { 659163953Srrs#ifdef SCTP_LOG_CLOSING 660163953Srrs sctp_log_closing(inp, NULL, 13); 661163953Srrs#endif 662169380Srrs sctp_inpcb_free(inp, SCTP_FREE_SHOULD_USE_ABORT 663169380Srrs ,SCTP_CALLED_AFTER_CMPSET_OFCLOSE); 664163953Srrs } else { 665163953Srrs#ifdef SCTP_LOG_CLOSING 666163953Srrs sctp_log_closing(inp, NULL, 14); 667163953Srrs#endif 668169380Srrs sctp_inpcb_free(inp, SCTP_FREE_SHOULD_USE_GRACEFUL_CLOSE, 669169380Srrs SCTP_CALLED_AFTER_CMPSET_OFCLOSE); 670163953Srrs } 671163953Srrs /* 672163953Srrs * The socket is now detached, no matter what the state of 673163953Srrs * the SCTP association. 674163953Srrs */ 675163953Srrs SOCK_LOCK(so); 676167695Srrs SCTP_SB_CLEAR(so->so_snd); 677163953Srrs /* 678163953Srrs * same for the rcv ones, they are only here for the 679163953Srrs * accounting/select. 680163953Srrs */ 681167695Srrs SCTP_SB_CLEAR(so->so_rcv); 682167695Srrs /* Now null out the reference, we are completely detached. */ 683163953Srrs so->so_pcb = NULL; 684163953Srrs SOCK_UNLOCK(so); 685163953Srrs } else { 686163953Srrs flags = inp->sctp_flags; 687163953Srrs if ((flags & SCTP_PCB_FLAGS_SOCKET_GONE) == 0) { 688163953Srrs goto sctp_must_try_again; 689163953Srrs } 690163953Srrs } 691163953Srrs return; 692163953Srrs 693163953Srrs} 694163953Srrs 695167598Srrs/* This could be made common with sctp_detach() since they are identical */ 696163953Srrs 697168709Srrsstatic 698168709Srrsint 699163953Srrssctp6_disconnect(struct socket *so) 700163953Srrs{ 701163953Srrs struct sctp_inpcb *inp; 702163953Srrs 703163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 704163953Srrs if (inp == NULL) { 705163953Srrs return (ENOTCONN); 706163953Srrs } 707163953Srrs SCTP_INP_RLOCK(inp); 708163953Srrs if (inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) { 709166675Srrs if (SCTP_LIST_EMPTY(&inp->sctp_asoc_list)) { 710163953Srrs /* No connection */ 711163953Srrs SCTP_INP_RUNLOCK(inp); 712163953Srrs return (ENOTCONN); 713163953Srrs } else { 714163953Srrs int some_on_streamwheel = 0; 715163953Srrs struct sctp_association *asoc; 716163953Srrs struct sctp_tcb *stcb; 717163953Srrs 718163953Srrs stcb = LIST_FIRST(&inp->sctp_asoc_list); 719163953Srrs if (stcb == NULL) { 720163953Srrs SCTP_INP_RUNLOCK(inp); 721163953Srrs return (EINVAL); 722163953Srrs } 723163953Srrs SCTP_TCB_LOCK(stcb); 724163953Srrs asoc = &stcb->asoc; 725163953Srrs if (((so->so_options & SO_LINGER) && 726163953Srrs (so->so_linger == 0)) || 727163953Srrs (so->so_rcv.sb_cc > 0)) { 728163953Srrs if (SCTP_GET_STATE(asoc) != 729163953Srrs SCTP_STATE_COOKIE_WAIT) { 730163953Srrs /* Left with Data unread */ 731168709Srrs struct mbuf *op_err; 732163953Srrs 733168709Srrs op_err = sctp_generate_invmanparam(SCTP_CAUSE_USER_INITIATED_ABT); 734168709Srrs sctp_send_abort_tcb(stcb, op_err); 735163953Srrs SCTP_STAT_INCR_COUNTER32(sctps_aborted); 736163953Srrs } 737163953Srrs SCTP_INP_RUNLOCK(inp); 738163953Srrs if ((SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_OPEN) || 739163953Srrs (SCTP_GET_STATE(&stcb->asoc) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 740163953Srrs SCTP_STAT_DECR_GAUGE32(sctps_currestab); 741163953Srrs } 742165220Srrs sctp_free_assoc(inp, stcb, SCTP_DONOT_SETSCOPE, 743165220Srrs SCTP_FROM_SCTP6_USRREQ + SCTP_LOC_2); 744163953Srrs /* No unlock tcb assoc is gone */ 745163953Srrs return (0); 746163953Srrs } 747163953Srrs if (!TAILQ_EMPTY(&asoc->out_wheel)) { 748163953Srrs /* Check to see if some data queued */ 749163953Srrs struct sctp_stream_out *outs; 750163953Srrs 751163953Srrs TAILQ_FOREACH(outs, &asoc->out_wheel, 752163953Srrs next_spoke) { 753163953Srrs if (!TAILQ_EMPTY(&outs->outqueue)) { 754163953Srrs some_on_streamwheel = 1; 755163953Srrs break; 756163953Srrs } 757163953Srrs } 758163953Srrs } 759163953Srrs if (TAILQ_EMPTY(&asoc->send_queue) && 760163953Srrs TAILQ_EMPTY(&asoc->sent_queue) && 761163953Srrs (some_on_streamwheel == 0)) { 762163953Srrs /* nothing queued to send, so I'm done... */ 763163953Srrs if ((SCTP_GET_STATE(asoc) != 764163953Srrs SCTP_STATE_SHUTDOWN_SENT) && 765163953Srrs (SCTP_GET_STATE(asoc) != 766163953Srrs SCTP_STATE_SHUTDOWN_ACK_SENT)) { 767163953Srrs /* only send SHUTDOWN the first time */ 768163953Srrs sctp_send_shutdown(stcb, stcb->asoc.primary_destination); 769163953Srrs sctp_chunk_output(stcb->sctp_ep, stcb, 1); 770166675Srrs if ((SCTP_GET_STATE(asoc) == SCTP_STATE_OPEN) || 771166675Srrs (SCTP_GET_STATE(asoc) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 772166675Srrs SCTP_STAT_DECR_GAUGE32(sctps_currestab); 773166675Srrs } 774163953Srrs asoc->state = SCTP_STATE_SHUTDOWN_SENT; 775163953Srrs sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, 776163953Srrs stcb->sctp_ep, stcb, 777163953Srrs asoc->primary_destination); 778163953Srrs sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNGUARD, 779163953Srrs stcb->sctp_ep, stcb, 780163953Srrs asoc->primary_destination); 781163953Srrs } 782163953Srrs } else { 783163953Srrs /* 784163953Srrs * we still got (or just got) data to send, 785163953Srrs * so set SHUTDOWN_PENDING 786163953Srrs */ 787163953Srrs /* 788163953Srrs * XXX sockets draft says that MSG_EOF 789163953Srrs * should be sent with no data. currently, 790163953Srrs * we will allow user data to be sent first 791163953Srrs * and move to SHUTDOWN-PENDING 792163953Srrs */ 793163953Srrs asoc->state |= SCTP_STATE_SHUTDOWN_PENDING; 794163953Srrs } 795163953Srrs SCTP_TCB_UNLOCK(stcb); 796163953Srrs SCTP_INP_RUNLOCK(inp); 797163953Srrs return (0); 798163953Srrs } 799163953Srrs } else { 800163953Srrs /* UDP model does not support this */ 801163953Srrs SCTP_INP_RUNLOCK(inp); 802163953Srrs return EOPNOTSUPP; 803163953Srrs } 804163953Srrs} 805163953Srrs 806168709Srrs 807163953Srrsint 808163953Srrssctp_sendm(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, 809163953Srrs struct mbuf *control, struct thread *p); 810163953Srrs 811163953Srrs 812163953Srrsstatic int 813163953Srrssctp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, 814163953Srrs struct mbuf *control, struct thread *p) 815163953Srrs{ 816163953Srrs struct sctp_inpcb *inp; 817163953Srrs struct inpcb *in_inp; 818163953Srrs struct in6pcb *inp6; 819163953Srrs 820163953Srrs#ifdef INET 821163953Srrs struct sockaddr_in6 *sin6; 822163953Srrs 823163953Srrs#endif /* INET */ 824163953Srrs /* No SPL needed since sctp_output does this */ 825163953Srrs 826163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 827163953Srrs if (inp == NULL) { 828163953Srrs if (control) { 829169352Srrs SCTP_RELEASE_PKT(control); 830163953Srrs control = NULL; 831163953Srrs } 832169352Srrs SCTP_RELEASE_PKT(m); 833163953Srrs return EINVAL; 834163953Srrs } 835163953Srrs in_inp = (struct inpcb *)inp; 836163953Srrs inp6 = (struct in6pcb *)inp; 837163953Srrs /* 838163953Srrs * For the TCP model we may get a NULL addr, if we are a connected 839163953Srrs * socket thats ok. 840163953Srrs */ 841163953Srrs if ((inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) && 842163953Srrs (addr == NULL)) { 843163953Srrs goto connected_type; 844163953Srrs } 845163953Srrs if (addr == NULL) { 846169352Srrs SCTP_RELEASE_PKT(m); 847163953Srrs if (control) { 848169352Srrs SCTP_RELEASE_PKT(control); 849163953Srrs control = NULL; 850163953Srrs } 851163953Srrs return (EDESTADDRREQ); 852163953Srrs } 853163953Srrs#ifdef INET 854163953Srrs sin6 = (struct sockaddr_in6 *)addr; 855166023Srrs if (SCTP_IPV6_V6ONLY(inp6)) { 856163953Srrs /* 857163953Srrs * if IPV6_V6ONLY flag, we discard datagrams destined to a 858163953Srrs * v4 addr or v4-mapped addr 859163953Srrs */ 860163953Srrs if (addr->sa_family == AF_INET) { 861163953Srrs return EINVAL; 862163953Srrs } 863163953Srrs if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 864163953Srrs return EINVAL; 865163953Srrs } 866163953Srrs } 867163953Srrs if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 868163953Srrs if (!ip6_v6only) { 869163953Srrs struct sockaddr_in sin; 870163953Srrs 871163953Srrs /* convert v4-mapped into v4 addr and send */ 872163953Srrs in6_sin6_2_sin(&sin, sin6); 873163953Srrs return sctp_sendm(so, flags, m, (struct sockaddr *)&sin, 874163953Srrs control, p); 875163953Srrs } else { 876163953Srrs /* mapped addresses aren't enabled */ 877163953Srrs return EINVAL; 878163953Srrs } 879163953Srrs } 880163953Srrs#endif /* INET */ 881163953Srrsconnected_type: 882163953Srrs /* now what about control */ 883163953Srrs if (control) { 884163953Srrs if (inp->control) { 885169420Srrs SCTP_PRINTF("huh? control set?\n"); 886169352Srrs SCTP_RELEASE_PKT(inp->control); 887163953Srrs inp->control = NULL; 888163953Srrs } 889163953Srrs inp->control = control; 890163953Srrs } 891163953Srrs /* Place the data */ 892163953Srrs if (inp->pkt) { 893165647Srrs SCTP_BUF_NEXT(inp->pkt_last) = m; 894163953Srrs inp->pkt_last = m; 895163953Srrs } else { 896163953Srrs inp->pkt_last = inp->pkt = m; 897163953Srrs } 898163953Srrs if ( 899163953Srrs /* FreeBSD and MacOSX uses a flag passed */ 900163953Srrs ((flags & PRUS_MORETOCOME) == 0) 901163953Srrs ) { 902163953Srrs /* 903163953Srrs * note with the current version this code will only be used 904163953Srrs * by OpenBSD, NetBSD and FreeBSD have methods for 905163953Srrs * re-defining sosend() to use sctp_sosend(). One can 906163953Srrs * optionaly switch back to this code (by changing back the 907163953Srrs * defininitions but this is not advisable. 908163953Srrs */ 909163953Srrs int ret; 910163953Srrs 911163953Srrs ret = sctp_output(inp, inp->pkt, addr, inp->control, p, flags); 912163953Srrs inp->pkt = NULL; 913163953Srrs inp->control = NULL; 914163953Srrs return (ret); 915163953Srrs } else { 916163953Srrs return (0); 917163953Srrs } 918163953Srrs} 919163953Srrs 920163953Srrsstatic int 921163953Srrssctp6_connect(struct socket *so, struct sockaddr *addr, struct thread *p) 922163953Srrs{ 923167598Srrs uint32_t vrf_id; 924163953Srrs int error = 0; 925163953Srrs struct sctp_inpcb *inp; 926163953Srrs struct in6pcb *inp6; 927163953Srrs struct sctp_tcb *stcb; 928163953Srrs 929163953Srrs#ifdef INET 930163953Srrs struct sockaddr_in6 *sin6; 931163953Srrs struct sockaddr_storage ss; 932163953Srrs 933163953Srrs#endif /* INET */ 934163953Srrs 935163953Srrs inp6 = (struct in6pcb *)so->so_pcb; 936163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 937163953Srrs if (inp == 0) { 938163953Srrs return (ECONNRESET); /* I made the same as TCP since we are 939163953Srrs * not setup? */ 940163953Srrs } 941168299Srrs vrf_id = inp->def_vrf_id; 942163953Srrs SCTP_ASOC_CREATE_LOCK(inp); 943163953Srrs SCTP_INP_RLOCK(inp); 944163953Srrs if ((inp->sctp_flags & SCTP_PCB_FLAGS_UNBOUND) == 945163953Srrs SCTP_PCB_FLAGS_UNBOUND) { 946163953Srrs /* Bind a ephemeral port */ 947163953Srrs SCTP_INP_RUNLOCK(inp); 948163953Srrs error = sctp6_bind(so, NULL, p); 949163953Srrs if (error) { 950163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 951163953Srrs 952163953Srrs return (error); 953163953Srrs } 954163953Srrs SCTP_INP_RLOCK(inp); 955163953Srrs } 956163953Srrs if ((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) && 957163953Srrs (inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED)) { 958163953Srrs /* We are already connected AND the TCP model */ 959163953Srrs SCTP_INP_RUNLOCK(inp); 960163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 961163953Srrs return (EADDRINUSE); 962163953Srrs } 963163953Srrs#ifdef INET 964163953Srrs sin6 = (struct sockaddr_in6 *)addr; 965166023Srrs if (SCTP_IPV6_V6ONLY(inp6)) { 966163953Srrs /* 967163953Srrs * if IPV6_V6ONLY flag, ignore connections destined to a v4 968163953Srrs * addr or v4-mapped addr 969163953Srrs */ 970163953Srrs if (addr->sa_family == AF_INET) { 971163953Srrs SCTP_INP_RUNLOCK(inp); 972163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 973163953Srrs return EINVAL; 974163953Srrs } 975163953Srrs if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 976163953Srrs SCTP_INP_RUNLOCK(inp); 977163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 978163953Srrs return EINVAL; 979163953Srrs } 980163953Srrs } 981163953Srrs if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 982163953Srrs if (!ip6_v6only) { 983163953Srrs /* convert v4-mapped into v4 addr */ 984163953Srrs in6_sin6_2_sin((struct sockaddr_in *)&ss, sin6); 985163953Srrs addr = (struct sockaddr *)&ss; 986163953Srrs } else { 987163953Srrs /* mapped addresses aren't enabled */ 988163953Srrs SCTP_INP_RUNLOCK(inp); 989163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 990163953Srrs return EINVAL; 991163953Srrs } 992163953Srrs } else 993163953Srrs#endif /* INET */ 994163953Srrs addr = addr; /* for true v6 address case */ 995163953Srrs 996163953Srrs /* Now do we connect? */ 997163953Srrs if (inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) { 998163953Srrs stcb = LIST_FIRST(&inp->sctp_asoc_list); 999169420Srrs if (stcb) { 1000163953Srrs SCTP_TCB_UNLOCK(stcb); 1001169420Srrs } 1002163953Srrs SCTP_INP_RUNLOCK(inp); 1003163953Srrs } else { 1004163953Srrs SCTP_INP_RUNLOCK(inp); 1005163953Srrs SCTP_INP_WLOCK(inp); 1006163953Srrs SCTP_INP_INCR_REF(inp); 1007163953Srrs SCTP_INP_WUNLOCK(inp); 1008163953Srrs stcb = sctp_findassociation_ep_addr(&inp, addr, NULL, NULL, NULL); 1009163953Srrs if (stcb == NULL) { 1010163953Srrs SCTP_INP_WLOCK(inp); 1011163953Srrs SCTP_INP_DECR_REF(inp); 1012163953Srrs SCTP_INP_WUNLOCK(inp); 1013163953Srrs } 1014163953Srrs } 1015163953Srrs 1016163953Srrs if (stcb != NULL) { 1017163953Srrs /* Already have or am bring up an association */ 1018163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 1019163953Srrs SCTP_TCB_UNLOCK(stcb); 1020163953Srrs return (EALREADY); 1021163953Srrs } 1022163953Srrs /* We are GOOD to go */ 1023167598Srrs stcb = sctp_aloc_assoc(inp, addr, 1, &error, 0, vrf_id); 1024163953Srrs SCTP_ASOC_CREATE_UNLOCK(inp); 1025163953Srrs if (stcb == NULL) { 1026163953Srrs /* Gak! no memory */ 1027163953Srrs return (error); 1028163953Srrs } 1029163953Srrs if (stcb->sctp_ep->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) { 1030163953Srrs stcb->sctp_ep->sctp_flags |= SCTP_PCB_FLAGS_CONNECTED; 1031163953Srrs /* Set the connected flag so we can queue data */ 1032163953Srrs soisconnecting(so); 1033163953Srrs } 1034163953Srrs stcb->asoc.state = SCTP_STATE_COOKIE_WAIT; 1035169420Srrs (void)SCTP_GETTIME_TIMEVAL(&stcb->asoc.time_entered); 1036163953Srrs 1037163953Srrs /* initialize authentication parameters for the assoc */ 1038163953Srrs sctp_initialize_auth_params(inp, stcb); 1039163953Srrs 1040163953Srrs sctp_send_initiate(inp, stcb); 1041163953Srrs SCTP_TCB_UNLOCK(stcb); 1042163953Srrs return error; 1043163953Srrs} 1044163953Srrs 1045163953Srrsstatic int 1046163953Srrssctp6_getaddr(struct socket *so, struct sockaddr **addr) 1047163953Srrs{ 1048163953Srrs struct sockaddr_in6 *sin6; 1049163953Srrs struct sctp_inpcb *inp; 1050167598Srrs uint32_t vrf_id; 1051167598Srrs struct sctp_ifa *sctp_ifa; 1052163953Srrs 1053163953Srrs int error; 1054163953Srrs 1055163953Srrs /* 1056163953Srrs * Do the malloc first in case it blocks. 1057163953Srrs */ 1058163953Srrs SCTP_MALLOC_SONAME(sin6, struct sockaddr_in6 *, sizeof *sin6); 1059163953Srrs sin6->sin6_family = AF_INET6; 1060163953Srrs sin6->sin6_len = sizeof(*sin6); 1061163953Srrs 1062163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 1063163953Srrs if (inp == NULL) { 1064163953Srrs SCTP_FREE_SONAME(sin6); 1065163953Srrs return ECONNRESET; 1066163953Srrs } 1067163953Srrs SCTP_INP_RLOCK(inp); 1068163953Srrs sin6->sin6_port = inp->sctp_lport; 1069163953Srrs if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) { 1070163953Srrs /* For the bound all case you get back 0 */ 1071163953Srrs if (inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) { 1072163953Srrs struct sctp_tcb *stcb; 1073163953Srrs struct sockaddr_in6 *sin_a6; 1074163953Srrs struct sctp_nets *net; 1075163953Srrs int fnd; 1076163953Srrs 1077163953Srrs stcb = LIST_FIRST(&inp->sctp_asoc_list); 1078163953Srrs if (stcb == NULL) { 1079163953Srrs goto notConn6; 1080163953Srrs } 1081163953Srrs fnd = 0; 1082163953Srrs sin_a6 = NULL; 1083163953Srrs TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { 1084163953Srrs sin_a6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1085164085Srrs if (sin_a6 == NULL) 1086164085Srrs /* this will make coverity happy */ 1087164085Srrs continue; 1088164085Srrs 1089163953Srrs if (sin_a6->sin6_family == AF_INET6) { 1090163953Srrs fnd = 1; 1091163953Srrs break; 1092163953Srrs } 1093163953Srrs } 1094163953Srrs if ((!fnd) || (sin_a6 == NULL)) { 1095163953Srrs /* punt */ 1096163953Srrs goto notConn6; 1097163953Srrs } 1098168299Srrs vrf_id = inp->def_vrf_id; 1099168299Srrs sctp_ifa = sctp_source_address_selection(inp, stcb, (sctp_route_t *) & net->ro, net, 0, vrf_id); 1100167598Srrs if (sctp_ifa) { 1101167598Srrs sin6->sin6_addr = sctp_ifa->address.sin6.sin6_addr; 1102167598Srrs } 1103163953Srrs } else { 1104163953Srrs /* For the bound all case you get back 0 */ 1105163953Srrs notConn6: 1106163953Srrs memset(&sin6->sin6_addr, 0, sizeof(sin6->sin6_addr)); 1107163953Srrs } 1108163953Srrs } else { 1109163953Srrs /* Take the first IPv6 address in the list */ 1110163953Srrs struct sctp_laddr *laddr; 1111163953Srrs int fnd = 0; 1112163953Srrs 1113163953Srrs LIST_FOREACH(laddr, &inp->sctp_addr_list, sctp_nxt_addr) { 1114167598Srrs if (laddr->ifa->address.sa.sa_family == AF_INET6) { 1115163953Srrs struct sockaddr_in6 *sin_a; 1116163953Srrs 1117167598Srrs sin_a = (struct sockaddr_in6 *)&laddr->ifa->address.sin6; 1118163953Srrs sin6->sin6_addr = sin_a->sin6_addr; 1119163953Srrs fnd = 1; 1120163953Srrs break; 1121163953Srrs } 1122163953Srrs } 1123163953Srrs if (!fnd) { 1124163953Srrs SCTP_FREE_SONAME(sin6); 1125163953Srrs SCTP_INP_RUNLOCK(inp); 1126163953Srrs return ENOENT; 1127163953Srrs } 1128163953Srrs } 1129163953Srrs SCTP_INP_RUNLOCK(inp); 1130163953Srrs /* Scoping things for v6 */ 1131164085Srrs if ((error = sa6_recoverscope(sin6)) != 0) { 1132164085Srrs SCTP_FREE_SONAME(sin6); 1133163953Srrs return (error); 1134164085Srrs } 1135163953Srrs (*addr) = (struct sockaddr *)sin6; 1136163953Srrs return (0); 1137163953Srrs} 1138163953Srrs 1139163953Srrsstatic int 1140163953Srrssctp6_peeraddr(struct socket *so, struct sockaddr **addr) 1141163953Srrs{ 1142163953Srrs struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)*addr; 1143163953Srrs int fnd; 1144163953Srrs struct sockaddr_in6 *sin_a6; 1145163953Srrs struct sctp_inpcb *inp; 1146163953Srrs struct sctp_tcb *stcb; 1147163953Srrs struct sctp_nets *net; 1148163953Srrs 1149163953Srrs int error; 1150163953Srrs 1151163953Srrs /* 1152163953Srrs * Do the malloc first in case it blocks. 1153163953Srrs */ 1154163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 1155163953Srrs if ((inp->sctp_flags & SCTP_PCB_FLAGS_CONNECTED) == 0) { 1156163953Srrs /* UDP type and listeners will drop out here */ 1157163953Srrs return (ENOTCONN); 1158163953Srrs } 1159163953Srrs SCTP_MALLOC_SONAME(sin6, struct sockaddr_in6 *, sizeof *sin6); 1160163953Srrs sin6->sin6_family = AF_INET6; 1161163953Srrs sin6->sin6_len = sizeof(*sin6); 1162163953Srrs 1163163953Srrs /* We must recapture incase we blocked */ 1164163953Srrs inp = (struct sctp_inpcb *)so->so_pcb; 1165163953Srrs if (inp == NULL) { 1166163953Srrs SCTP_FREE_SONAME(sin6); 1167163953Srrs return ECONNRESET; 1168163953Srrs } 1169163953Srrs SCTP_INP_RLOCK(inp); 1170163953Srrs stcb = LIST_FIRST(&inp->sctp_asoc_list); 1171169420Srrs if (stcb) { 1172163953Srrs SCTP_TCB_LOCK(stcb); 1173169420Srrs } 1174163953Srrs SCTP_INP_RUNLOCK(inp); 1175163953Srrs if (stcb == NULL) { 1176163953Srrs SCTP_FREE_SONAME(sin6); 1177163953Srrs return ECONNRESET; 1178163953Srrs } 1179163953Srrs fnd = 0; 1180163953Srrs TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { 1181163953Srrs sin_a6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1182163953Srrs if (sin_a6->sin6_family == AF_INET6) { 1183163953Srrs fnd = 1; 1184163953Srrs sin6->sin6_port = stcb->rport; 1185163953Srrs sin6->sin6_addr = sin_a6->sin6_addr; 1186163953Srrs break; 1187163953Srrs } 1188163953Srrs } 1189163953Srrs SCTP_TCB_UNLOCK(stcb); 1190163953Srrs if (!fnd) { 1191163953Srrs /* No IPv4 address */ 1192163953Srrs SCTP_FREE_SONAME(sin6); 1193163953Srrs return ENOENT; 1194163953Srrs } 1195163953Srrs if ((error = sa6_recoverscope(sin6)) != 0) 1196163953Srrs return (error); 1197163953Srrs *addr = (struct sockaddr *)sin6; 1198163953Srrs return (0); 1199163953Srrs} 1200163953Srrs 1201163953Srrsstatic int 1202163953Srrssctp6_in6getaddr(struct socket *so, struct sockaddr **nam) 1203163953Srrs{ 1204163953Srrs struct sockaddr *addr; 1205163953Srrs struct in6pcb *inp6 = sotoin6pcb(so); 1206166086Srrs int error; 1207163953Srrs 1208163953Srrs if (inp6 == NULL) 1209163953Srrs return EINVAL; 1210163953Srrs 1211163953Srrs /* allow v6 addresses precedence */ 1212163953Srrs error = sctp6_getaddr(so, nam); 1213163953Srrs if (error) { 1214163953Srrs /* try v4 next if v6 failed */ 1215163953Srrs error = sctp_ingetaddr(so, nam); 1216163953Srrs if (error) { 1217163953Srrs return (error); 1218163953Srrs } 1219163953Srrs addr = *nam; 1220163953Srrs /* if I'm V6ONLY, convert it to v4-mapped */ 1221166023Srrs if (SCTP_IPV6_V6ONLY(inp6)) { 1222163953Srrs struct sockaddr_in6 sin6; 1223163953Srrs 1224163953Srrs in6_sin_2_v4mapsin6((struct sockaddr_in *)addr, &sin6); 1225163953Srrs memcpy(addr, &sin6, sizeof(struct sockaddr_in6)); 1226168709Srrs 1227163953Srrs } 1228163953Srrs } 1229163953Srrs return (error); 1230163953Srrs} 1231163953Srrs 1232163953Srrs 1233163953Srrsstatic int 1234163953Srrssctp6_getpeeraddr(struct socket *so, struct sockaddr **nam) 1235163953Srrs{ 1236163953Srrs struct sockaddr *addr = *nam; 1237163953Srrs struct in6pcb *inp6 = sotoin6pcb(so); 1238166086Srrs int error; 1239163953Srrs 1240163953Srrs if (inp6 == NULL) 1241163953Srrs return EINVAL; 1242163953Srrs 1243163953Srrs /* allow v6 addresses precedence */ 1244163953Srrs error = sctp6_peeraddr(so, nam); 1245163953Srrs if (error) { 1246163953Srrs /* try v4 next if v6 failed */ 1247163953Srrs error = sctp_peeraddr(so, nam); 1248163953Srrs if (error) { 1249163953Srrs return (error); 1250163953Srrs } 1251163953Srrs /* if I'm V6ONLY, convert it to v4-mapped */ 1252166023Srrs if (SCTP_IPV6_V6ONLY(inp6)) { 1253163953Srrs struct sockaddr_in6 sin6; 1254163953Srrs 1255163953Srrs in6_sin_2_v4mapsin6((struct sockaddr_in *)addr, &sin6); 1256163953Srrs memcpy(addr, &sin6, sizeof(struct sockaddr_in6)); 1257163953Srrs } 1258163953Srrs } 1259163953Srrs return error; 1260163953Srrs} 1261163953Srrs 1262163953Srrsstruct pr_usrreqs sctp6_usrreqs = { 1263163953Srrs .pru_abort = sctp6_abort, 1264163953Srrs .pru_accept = sctp_accept, 1265163953Srrs .pru_attach = sctp6_attach, 1266163953Srrs .pru_bind = sctp6_bind, 1267163953Srrs .pru_connect = sctp6_connect, 1268163953Srrs .pru_control = in6_control, 1269163953Srrs .pru_close = sctp6_close, 1270163953Srrs .pru_detach = sctp6_close, 1271163953Srrs .pru_sopoll = sopoll_generic, 1272163953Srrs .pru_disconnect = sctp6_disconnect, 1273163953Srrs .pru_listen = sctp_listen, 1274163953Srrs .pru_peeraddr = sctp6_getpeeraddr, 1275163953Srrs .pru_send = sctp6_send, 1276163953Srrs .pru_shutdown = sctp_shutdown, 1277163953Srrs .pru_sockaddr = sctp6_in6getaddr, 1278163953Srrs .pru_sosend = sctp_sosend, 1279163953Srrs .pru_soreceive = sctp_soreceive 1280163953Srrs}; 1281