ip6opt.c revision 241844 
1/*	$KAME: ip6opt.c,v 1.13 2003/06/06 10:08:20 suz Exp $	*/
2
3/*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 *    notice, this list of conditions and the following disclaimer in the
14 *    documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 *    may be used to endorse or promote products derived from this software
17 *    without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32#include <sys/cdefs.h>
33__FBSDID("$FreeBSD: head/lib/libc/net/ip6opt.c 241844 2012-10-22 03:00:37Z eadler $");
34
35#include <sys/param.h>
36#include <sys/types.h>
37#include <sys/socket.h>
38
39#include <netinet/in.h>
40#include <netinet/ip6.h>
41
42#include <string.h>
43#include <stdio.h>
44
45static int ip6optlen(u_int8_t *opt, u_int8_t *lim);
46static void inet6_insert_padopt(u_char *p, int len);
47
48/*
49 * This function returns the number of bytes required to hold an option
50 * when it is stored as ancillary data, including the cmsghdr structure
51 * at the beginning, and any padding at the end (to make its size a
52 * multiple of 8 bytes).  The argument is the size of the structure
53 * defining the option, which must include any pad bytes at the
54 * beginning (the value y in the alignment term "xn + y"), the type
55 * byte, the length byte, and the option data.
56 */
57int
58inet6_option_space(int nbytes)
59{
60	nbytes += 2;	/* we need space for nxt-hdr and length fields */
61	return(CMSG_SPACE((nbytes + 7) & ~7));
62}
63
64/*
65 * This function is called once per ancillary data object that will
66 * contain either Hop-by-Hop or Destination options.  It returns 0 on
67 * success or -1 on an error.
68 */
69int
70inet6_option_init(void *bp, struct cmsghdr **cmsgp, int type)
71{
72	struct cmsghdr *ch = (struct cmsghdr *)bp;
73
74	/* argument validation */
75	if (type != IPV6_HOPOPTS && type != IPV6_DSTOPTS)
76		return(-1);
77
78	ch->cmsg_level = IPPROTO_IPV6;
79	ch->cmsg_type = type;
80	ch->cmsg_len = CMSG_LEN(0);
81
82	*cmsgp = ch;
83	return(0);
84}
85
86/*
87 * This function appends a Hop-by-Hop option or a Destination option
88 * into an ancillary data object that has been initialized by
89 * inet6_option_init().  This function returns 0 if it succeeds or -1 on
90 * an error.
91 * multx is the value x in the alignment term "xn + y" described
92 * earlier.  It must have a value of 1, 2, 4, or 8.
93 * plusy is the value y in the alignment term "xn + y" described
94 * earlier.  It must have a value between 0 and 7, inclusive.
95 */
96int
97inet6_option_append(struct cmsghdr *cmsg, const u_int8_t *typep, int multx,
98    int plusy)
99{
100	int padlen, optlen, off;
101	u_char *bp = (u_char *)cmsg + cmsg->cmsg_len;
102	struct ip6_ext *eh = (struct ip6_ext *)CMSG_DATA(cmsg);
103
104	/* argument validation */
105	if (multx != 1 && multx != 2 && multx != 4 && multx != 8)
106		return(-1);
107	if (plusy < 0 || plusy > 7)
108		return(-1);
109
110	/*
111	 * If this is the first option, allocate space for the
112	 * first 2 bytes(for next header and length fields) of
113	 * the option header.
114	 */
115	if (bp == (u_char *)eh) {
116		bp += 2;
117		cmsg->cmsg_len += 2;
118	}
119
120	/* calculate pad length before the option. */
121	off = bp - (u_char *)eh;
122	padlen = (((off % multx) + (multx - 1)) & ~(multx - 1)) -
123		(off % multx);
124	padlen += plusy;
125	padlen %= multx;	/* keep the pad as short as possible */
126	/* insert padding */
127	inet6_insert_padopt(bp, padlen);
128	cmsg->cmsg_len += padlen;
129	bp += padlen;
130
131	/* copy the option */
132	if (typep[0] == IP6OPT_PAD1)
133		optlen = 1;
134	else
135		optlen = typep[1] + 2;
136	memcpy(bp, typep, optlen);
137	bp += optlen;
138	cmsg->cmsg_len += optlen;
139
140	/* calculate pad length after the option and insert the padding */
141	off = bp - (u_char *)eh;
142	padlen = ((off + 7) & ~7) - off;
143	inet6_insert_padopt(bp, padlen);
144	bp += padlen;
145	cmsg->cmsg_len += padlen;
146
147	/* update the length field of the ip6 option header */
148	eh->ip6e_len = ((bp - (u_char *)eh) >> 3) - 1;
149
150	return(0);
151}
152
153/*
154 * This function appends a Hop-by-Hop option or a Destination option
155 * into an ancillary data object that has been initialized by
156 * inet6_option_init().  This function returns a pointer to the 8-bit
157 * option type field that starts the option on success, or NULL on an
158 * error.
159 * The difference between this function and inet6_option_append() is
160 * that the latter copies the contents of a previously built option into
161 * the ancillary data object while the current function returns a
162 * pointer to the space in the data object where the option's TLV must
163 * then be built by the caller.
164 *
165 */
166u_int8_t *
167inet6_option_alloc(struct cmsghdr *cmsg, int datalen, int multx, int plusy)
168{
169	int padlen, off;
170	u_int8_t *bp = (u_char *)cmsg + cmsg->cmsg_len;
171	u_int8_t *retval;
172	struct ip6_ext *eh = (struct ip6_ext *)CMSG_DATA(cmsg);
173
174	/* argument validation */
175	if (multx != 1 && multx != 2 && multx != 4 && multx != 8)
176		return(NULL);
177	if (plusy < 0 || plusy > 7)
178		return(NULL);
179
180	/*
181	 * If this is the first option, allocate space for the
182	 * first 2 bytes(for next header and length fields) of
183	 * the option header.
184	 */
185	if (bp == (u_char *)eh) {
186		bp += 2;
187		cmsg->cmsg_len += 2;
188	}
189
190	/* calculate pad length before the option. */
191	off = bp - (u_char *)eh;
192	padlen = (((off % multx) + (multx - 1)) & ~(multx - 1)) -
193		(off % multx);
194	padlen += plusy;
195	padlen %= multx;	/* keep the pad as short as possible */
196	/* insert padding */
197	inet6_insert_padopt(bp, padlen);
198	cmsg->cmsg_len += padlen;
199	bp += padlen;
200
201	/* keep space to store specified length of data */
202	retval = bp;
203	bp += datalen;
204	cmsg->cmsg_len += datalen;
205
206	/* calculate pad length after the option and insert the padding */
207	off = bp - (u_char *)eh;
208	padlen = ((off + 7) & ~7) - off;
209	inet6_insert_padopt(bp, padlen);
210	bp += padlen;
211	cmsg->cmsg_len += padlen;
212
213	/* update the length field of the ip6 option header */
214	eh->ip6e_len = ((bp - (u_char *)eh) >> 3) - 1;
215
216	return(retval);
217}
218
219/*
220 * This function processes the next Hop-by-Hop option or Destination
221 * option in an ancillary data object.  If another option remains to be
222 * processed, the return value of the function is 0 and *tptrp points to
223 * the 8-bit option type field (which is followed by the 8-bit option
224 * data length, followed by the option data).  If no more options remain
225 * to be processed, the return value is -1 and *tptrp is NULL.  If an
226 * error occurs, the return value is -1 and *tptrp is not NULL.
227 * (RFC 2292, 6.3.5)
228 */
229int
230inet6_option_next(const struct cmsghdr *cmsg, u_int8_t **tptrp)
231{
232	struct ip6_ext *ip6e;
233	int hdrlen, optlen;
234	u_int8_t *lim;
235
236	if (cmsg->cmsg_level != IPPROTO_IPV6 ||
237	    (cmsg->cmsg_type != IPV6_HOPOPTS &&
238	     cmsg->cmsg_type != IPV6_DSTOPTS))
239		return(-1);
240
241	/* message length validation */
242	if (cmsg->cmsg_len < CMSG_SPACE(sizeof(struct ip6_ext)))
243		return(-1);
244	ip6e = (struct ip6_ext *)CMSG_DATA(cmsg);
245	hdrlen = (ip6e->ip6e_len + 1) << 3;
246	if (cmsg->cmsg_len < CMSG_SPACE(hdrlen))
247		return(-1);
248
249	/*
250	 * If the caller does not specify the starting point,
251	 * simply return the 1st option.
252	 * Otherwise, search the option list for the next option.
253	 */
254	lim = (u_int8_t *)ip6e + hdrlen;
255	if (*tptrp == NULL)
256		*tptrp = (u_int8_t *)(ip6e + 1);
257	else {
258		if ((optlen = ip6optlen(*tptrp, lim)) == 0)
259			return(-1);
260
261		*tptrp = *tptrp + optlen;
262	}
263	if (*tptrp >= lim) {	/* there is no option */
264		*tptrp = NULL;
265		return(-1);
266	}
267	/*
268	 * Finally, checks if the next option is safely stored in the
269	 * cmsg data.
270	 */
271	if (ip6optlen(*tptrp, lim) == 0)
272		return(-1);
273	else
274		return(0);
275}
276
277/*
278 * This function is similar to the inet6_option_next() function,
279 * except this function lets the caller specify the option type to be
280 * searched for, instead of always returning the next option in the
281 * ancillary data object.
282 * Note: RFC 2292 says the type of tptrp is u_int8_t *, but we think
283 *       it's a typo. The variable should be type of u_int8_t **.
284 */
285int
286inet6_option_find(const struct cmsghdr *cmsg, u_int8_t **tptrp, int type)
287{
288	struct ip6_ext *ip6e;
289	int hdrlen, optlen;
290	u_int8_t *optp, *lim;
291
292	if (cmsg->cmsg_level != IPPROTO_IPV6 ||
293	    (cmsg->cmsg_type != IPV6_HOPOPTS &&
294	     cmsg->cmsg_type != IPV6_DSTOPTS))
295		return(-1);
296
297	/* message length validation */
298	if (cmsg->cmsg_len < CMSG_SPACE(sizeof(struct ip6_ext)))
299		return(-1);
300	ip6e = (struct ip6_ext *)CMSG_DATA(cmsg);
301	hdrlen = (ip6e->ip6e_len + 1) << 3;
302	if (cmsg->cmsg_len < CMSG_SPACE(hdrlen))
303		return(-1);
304
305	/*
306	 * If the caller does not specify the starting point,
307	 * search from the beginning of the option list.
308	 * Otherwise, search from *the next option* of the specified point.
309	 */
310	lim = (u_int8_t *)ip6e + hdrlen;
311	if (*tptrp == NULL)
312		*tptrp = (u_int8_t *)(ip6e + 1);
313	else {
314		if ((optlen = ip6optlen(*tptrp, lim)) == 0)
315			return(-1);
316
317		*tptrp = *tptrp + optlen;
318	}
319	for (optp = *tptrp; optp < lim; optp += optlen) {
320		if (*optp == type) {
321			*tptrp = optp;
322			return(0);
323		}
324		if ((optlen = ip6optlen(optp, lim)) == 0)
325			return(-1);
326	}
327
328	/* search failed */
329	*tptrp = NULL;
330	return(-1);
331}
332
333/*
334 * Calculate the length of a given IPv6 option. Also checks
335 * if the option is safely stored in user's buffer according to the
336 * calculated length and the limitation of the buffer.
337 */
338static int
339ip6optlen(u_int8_t *opt, u_int8_t *lim)
340{
341	int optlen;
342
343	if (*opt == IP6OPT_PAD1)
344		optlen = 1;
345	else {
346		/* is there enough space to store type and len? */
347		if (opt + 2 > lim)
348			return(0);
349		optlen = *(opt + 1) + 2;
350	}
351	if (opt + optlen <= lim)
352		return(optlen);
353
354	return(0);
355}
356
357static void
358inet6_insert_padopt(u_char *p, int len)
359{
360	switch(len) {
361	 case 0:
362		 return;
363	 case 1:
364		 p[0] = IP6OPT_PAD1;
365		 return;
366	 default:
367		 p[0] = IP6OPT_PADN;
368		 p[1] = len - 2;
369		 memset(&p[2], 0, len - 2);
370		 return;
371	}
372}
373
374/*
375 * The following functions are defined in RFC3542, which is a successor
376 * of RFC2292.
377 */
378
379int
380inet6_opt_init(void *extbuf, socklen_t extlen)
381{
382	struct ip6_ext *ext = (struct ip6_ext *)extbuf;
383
384	if (extlen < 0 || (extlen % 8))
385		return(-1);
386
387	if (ext) {
388		if (extlen == 0)
389			return(-1);
390		ext->ip6e_len = (extlen >> 3) - 1;
391	}
392
393	return(2);		/* sizeof the next and the length fields */
394}
395
396int
397inet6_opt_append(void *extbuf, socklen_t extlen, int offset, u_int8_t type,
398		 socklen_t len, u_int8_t align, void **databufp)
399{
400	int currentlen = offset, padlen = 0;
401
402	/*
403	 * The option type must have a value from 2 to 255, inclusive.
404	 * (0 and 1 are reserved for the Pad1 and PadN options, respectively.)
405	 */
406	if (type < 2)
407		return(-1);
408
409	/*
410	 * The option data length must have a value between 0 and 255,
411	 * inclusive, and is the length of the option data that follows.
412	 */
413	if (len < 0 || len > 255)
414		return(-1);
415
416	/*
417	 * The align parameter must have a value of 1, 2, 4, or 8.
418	 * The align value can not exceed the value of len.
419	 */
420	if (align != 1 && align != 2 && align != 4 && align != 8)
421		return(-1);
422	if (align > len)
423		return(-1);
424
425	/* Calculate the padding length. */
426	currentlen += 2 + len;	/* 2 means "type + len" */
427	if (currentlen % align)
428		padlen = align - (currentlen % align);
429
430	/* The option must fit in the extension header buffer. */
431	currentlen += padlen;
432	if (extlen &&		/* XXX: right? */
433	    currentlen > extlen)
434		return(-1);
435
436	if (extbuf) {
437		u_int8_t *optp = (u_int8_t *)extbuf + offset;
438
439		if (padlen == 1) {
440			/* insert a Pad1 option */
441			*optp = IP6OPT_PAD1;
442			optp++;
443		}
444		else if (padlen > 0) {
445			/* insert a PadN option for alignment */
446			*optp++ = IP6OPT_PADN;
447			*optp++ = padlen - 2;
448			memset(optp, 0, padlen - 2);
449			optp += (padlen - 2);
450		}
451
452		*optp++ = type;
453		*optp++ = len;
454
455		*databufp = optp;
456	}
457
458	return(currentlen);
459}
460
461int
462inet6_opt_finish(void *extbuf, socklen_t extlen, int offset)
463{
464	int updatelen = offset > 0 ? (1 + ((offset - 1) | 7)) : 0;
465
466	if (extbuf) {
467		u_int8_t *padp;
468		int padlen = updatelen - offset;
469
470		if (updatelen > extlen)
471			return(-1);
472
473		padp = (u_int8_t *)extbuf + offset;
474		if (padlen == 1)
475			*padp = IP6OPT_PAD1;
476		else if (padlen > 0) {
477			*padp++ = IP6OPT_PADN;
478			*padp++ = (padlen - 2);
479			memset(padp, 0, padlen - 2);
480		}
481	}
482
483	return(updatelen);
484}
485
486int
487inet6_opt_set_val(void *databuf, int offset, void *val, socklen_t vallen)
488{
489
490	memcpy((u_int8_t *)databuf + offset, val, vallen);
491	return(offset + vallen);
492}
493
494int
495inet6_opt_next(void *extbuf, socklen_t extlen, int offset, u_int8_t *typep,
496	       socklen_t *lenp, void **databufp)
497{
498	u_int8_t *optp, *lim;
499	int optlen;
500
501	/* Validate extlen. XXX: is the variable really necessary?? */
502	if (extlen == 0 || (extlen % 8))
503		return(-1);
504	lim = (u_int8_t *)extbuf + extlen;
505
506	/*
507	 * If this is the first time this function called for this options
508	 * header, simply return the 1st option.
509	 * Otherwise, search the option list for the next option.
510	 */
511	if (offset == 0) {
512		optp = (u_int8_t *)((struct ip6_hbh *)extbuf + 1);
513	}
514	else
515		optp = (u_int8_t *)extbuf + offset;
516
517	/* Find the next option skipping any padding options. */
518	while(optp < lim) {
519		switch(*optp) {
520		case IP6OPT_PAD1:
521			optp++;
522			break;
523		case IP6OPT_PADN:
524			if ((optlen = ip6optlen(optp, lim)) == 0)
525				goto optend;
526			optp += optlen;
527			break;
528		default:	/* found */
529			if ((optlen = ip6optlen(optp, lim)) == 0)
530				goto optend;
531			*typep = *optp;
532			*lenp = optlen - 2;
533			*databufp = optp + 2;
534			return(optp + optlen - (u_int8_t *)extbuf);
535		}
536	}
537
538  optend:
539	*databufp = NULL; /* for safety */
540	return(-1);
541}
542
543int
544inet6_opt_find(void *extbuf, socklen_t extlen, int offset, u_int8_t type,
545	       socklen_t *lenp, void **databufp)
546{
547	u_int8_t *optp, *lim;
548	int optlen;
549
550	/* Validate extlen. XXX: is the variable really necessary?? */
551	if (extlen == 0 || (extlen % 8))
552		return(-1);
553	lim = (u_int8_t *)extbuf + extlen;
554
555	/*
556	 * If this is the first time this function called for this options
557	 * header, simply return the 1st option.
558	 * Otherwise, search the option list for the next option.
559	 */
560	if (offset == 0) {
561		optp = (u_int8_t *)((struct ip6_hbh *)extbuf + 1);
562	}
563	else
564		optp = (u_int8_t *)extbuf + offset;
565
566	/* Find the specified option */
567	while(optp < lim) {
568		if ((optlen = ip6optlen(optp, lim)) == 0)
569			goto optend;
570
571		if (*optp == type) { /* found */
572			*lenp = optlen - 2;
573			*databufp = optp + 2;
574			return(optp + optlen - (u_int8_t *)extbuf);
575		}
576
577		optp += optlen;
578	}
579
580  optend:
581	*databufp = NULL; /* for safety */
582	return(-1);
583}
584
585int
586inet6_opt_get_val(void *databuf, int offset, void *val, socklen_t vallen)
587{
588
589	/* we can't assume alignment here */
590	memcpy(val, (u_int8_t *)databuf + offset, vallen);
591
592	return(offset + vallen);
593}
594