ip_output.c revision 36908
1/* 2 * Copyright (c) 1982, 1986, 1988, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 34 * $Id: ip_output.c,v 1.71 1998/06/06 21:49:17 julian Exp $ 35 */ 36 37#define _IP_VHL 38 39#include "opt_ipfw.h" 40#include "opt_ipdivert.h" 41#include "opt_ipfilter.h" 42 43#include <sys/param.h> 44#include <sys/systm.h> 45#include <sys/malloc.h> 46#include <sys/mbuf.h> 47#include <sys/protosw.h> 48#include <sys/socket.h> 49#include <sys/socketvar.h> 50 51#include <net/if.h> 52#include <net/route.h> 53 54#include <netinet/in.h> 55#include <netinet/in_systm.h> 56#include <netinet/ip.h> 57#include <netinet/in_pcb.h> 58#include <netinet/in_var.h> 59#include <netinet/ip_var.h> 60 61#ifdef vax 62#include <machine/mtpr.h> 63#endif 64#include <machine/in_cksum.h> 65 66static MALLOC_DEFINE(M_IPMOPTS, "ip_moptions", "internet multicast options"); 67 68#if !defined(COMPAT_IPFW) || COMPAT_IPFW == 1 69#undef COMPAT_IPFW 70#define COMPAT_IPFW 1 71#else 72#undef COMPAT_IPFW 73#endif 74 75u_short ip_id; 76 77static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *)); 78static void ip_mloopback 79 __P((struct ifnet *, struct mbuf *, struct sockaddr_in *, int)); 80static int ip_getmoptions 81 __P((int, struct ip_moptions *, struct mbuf **)); 82static int ip_pcbopts __P((struct mbuf **, struct mbuf *)); 83static int ip_setmoptions 84 __P((int, struct ip_moptions **, struct mbuf *)); 85 86#if defined(IPFILTER_LKM) || defined(IPFILTER) 87int ip_optcopy __P((struct ip *, struct ip *)); 88extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); 89#else 90static int ip_optcopy __P((struct ip *, struct ip *)); 91#endif 92 93 94extern struct protosw inetsw[]; 95 96/* 97 * IP output. The packet in mbuf chain m contains a skeletal IP 98 * header (with len, off, ttl, proto, tos, src, dst). 99 * The mbuf chain containing the packet will be freed. 100 * The mbuf opt, if present, will not be freed. 101 */ 102int 103ip_output(m0, opt, ro, flags, imo) 104 struct mbuf *m0; 105 struct mbuf *opt; 106 struct route *ro; 107 int flags; 108 struct ip_moptions *imo; 109{ 110 struct ip *ip, *mhip; 111 struct ifnet *ifp; 112 struct mbuf *m = m0; 113 int hlen = sizeof (struct ip); 114 int len, off, error = 0; 115 struct sockaddr_in *dst; 116 struct in_ifaddr *ia; 117 int isbroadcast; 118 119#ifdef DIAGNOSTIC 120 if ((m->m_flags & M_PKTHDR) == 0) 121 panic("ip_output no HDR"); 122 if (!ro) 123 panic("ip_output no route, proto = %d", 124 mtod(m, struct ip *)->ip_p); 125#endif 126 if (opt) { 127 m = ip_insertoptions(m, opt, &len); 128 hlen = len; 129 } 130 ip = mtod(m, struct ip *); 131 /* 132 * Fill in IP header. 133 */ 134 if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { 135 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, hlen >> 2); 136 ip->ip_off &= IP_DF; 137 ip->ip_id = htons(ip_id++); 138 ipstat.ips_localout++; 139 } else { 140 hlen = IP_VHL_HL(ip->ip_vhl) << 2; 141 } 142 143 dst = (struct sockaddr_in *)&ro->ro_dst; 144 /* 145 * If there is a cached route, 146 * check that it is to the same destination 147 * and is still up. If not, free it and try again. 148 */ 149 if (ro->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 || 150 dst->sin_addr.s_addr != ip->ip_dst.s_addr)) { 151 RTFREE(ro->ro_rt); 152 ro->ro_rt = (struct rtentry *)0; 153 } 154 if (ro->ro_rt == 0) { 155 dst->sin_family = AF_INET; 156 dst->sin_len = sizeof(*dst); 157 dst->sin_addr = ip->ip_dst; 158 } 159 /* 160 * If routing to interface only, 161 * short circuit routing lookup. 162 */ 163#define ifatoia(ifa) ((struct in_ifaddr *)(ifa)) 164#define sintosa(sin) ((struct sockaddr *)(sin)) 165 if (flags & IP_ROUTETOIF) { 166 if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == 0 && 167 (ia = ifatoia(ifa_ifwithnet(sintosa(dst)))) == 0) { 168 ipstat.ips_noroute++; 169 error = ENETUNREACH; 170 goto bad; 171 } 172 ifp = ia->ia_ifp; 173 ip->ip_ttl = 1; 174 isbroadcast = in_broadcast(dst->sin_addr, ifp); 175 } else { 176 /* 177 * If this is the case, we probably don't want to allocate 178 * a protocol-cloned route since we didn't get one from the 179 * ULP. This lets TCP do its thing, while not burdening 180 * forwarding or ICMP with the overhead of cloning a route. 181 * Of course, we still want to do any cloning requested by 182 * the link layer, as this is probably required in all cases 183 * for correct operation (as it is for ARP). 184 */ 185 if (ro->ro_rt == 0) 186 rtalloc_ign(ro, RTF_PRCLONING); 187 if (ro->ro_rt == 0) { 188 ipstat.ips_noroute++; 189 error = EHOSTUNREACH; 190 goto bad; 191 } 192 ia = ifatoia(ro->ro_rt->rt_ifa); 193 ifp = ro->ro_rt->rt_ifp; 194 ro->ro_rt->rt_use++; 195 if (ro->ro_rt->rt_flags & RTF_GATEWAY) 196 dst = (struct sockaddr_in *)ro->ro_rt->rt_gateway; 197 if (ro->ro_rt->rt_flags & RTF_HOST) 198 isbroadcast = (ro->ro_rt->rt_flags & RTF_BROADCAST); 199 else 200 isbroadcast = in_broadcast(dst->sin_addr, ifp); 201 } 202 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) { 203 struct in_multi *inm; 204 205 m->m_flags |= M_MCAST; 206 /* 207 * IP destination address is multicast. Make sure "dst" 208 * still points to the address in "ro". (It may have been 209 * changed to point to a gateway address, above.) 210 */ 211 dst = (struct sockaddr_in *)&ro->ro_dst; 212 /* 213 * See if the caller provided any multicast options 214 */ 215 if (imo != NULL) { 216 ip->ip_ttl = imo->imo_multicast_ttl; 217 if (imo->imo_multicast_ifp != NULL) 218 ifp = imo->imo_multicast_ifp; 219 if (imo->imo_multicast_vif != -1) 220 ip->ip_src.s_addr = 221 ip_mcast_src(imo->imo_multicast_vif); 222 } else 223 ip->ip_ttl = IP_DEFAULT_MULTICAST_TTL; 224 /* 225 * Confirm that the outgoing interface supports multicast. 226 */ 227 if ((imo == NULL) || (imo->imo_multicast_vif == -1)) { 228 if ((ifp->if_flags & IFF_MULTICAST) == 0) { 229 ipstat.ips_noroute++; 230 error = ENETUNREACH; 231 goto bad; 232 } 233 } 234 /* 235 * If source address not specified yet, use address 236 * of outgoing interface. 237 */ 238 if (ip->ip_src.s_addr == INADDR_ANY) { 239 register struct in_ifaddr *ia1; 240 241 for (ia1 = in_ifaddrhead.tqh_first; ia1; 242 ia1 = ia1->ia_link.tqe_next) 243 if (ia1->ia_ifp == ifp) { 244 ip->ip_src = IA_SIN(ia1)->sin_addr; 245 break; 246 } 247 } 248 249 IN_LOOKUP_MULTI(ip->ip_dst, ifp, inm); 250 if (inm != NULL && 251 (imo == NULL || imo->imo_multicast_loop)) { 252 /* 253 * If we belong to the destination multicast group 254 * on the outgoing interface, and the caller did not 255 * forbid loopback, loop back a copy. 256 */ 257 ip_mloopback(ifp, m, dst, hlen); 258 } 259 else { 260 /* 261 * If we are acting as a multicast router, perform 262 * multicast forwarding as if the packet had just 263 * arrived on the interface to which we are about 264 * to send. The multicast forwarding function 265 * recursively calls this function, using the 266 * IP_FORWARDING flag to prevent infinite recursion. 267 * 268 * Multicasts that are looped back by ip_mloopback(), 269 * above, will be forwarded by the ip_input() routine, 270 * if necessary. 271 */ 272 if (ip_mrouter && (flags & IP_FORWARDING) == 0) { 273 /* 274 * Check if rsvp daemon is running. If not, don't 275 * set ip_moptions. This ensures that the packet 276 * is multicast and not just sent down one link 277 * as prescribed by rsvpd. 278 */ 279 if (!rsvp_on) 280 imo = NULL; 281 if (ip_mforward(ip, ifp, m, imo) != 0) { 282 m_freem(m); 283 goto done; 284 } 285 } 286 } 287 288 /* 289 * Multicasts with a time-to-live of zero may be looped- 290 * back, above, but must not be transmitted on a network. 291 * Also, multicasts addressed to the loopback interface 292 * are not sent -- the above call to ip_mloopback() will 293 * loop back a copy if this host actually belongs to the 294 * destination group on the loopback interface. 295 */ 296 if (ip->ip_ttl == 0 || ifp->if_flags & IFF_LOOPBACK) { 297 m_freem(m); 298 goto done; 299 } 300 301 goto sendit; 302 } 303#ifndef notdef 304 /* 305 * If source address not specified yet, use address 306 * of outgoing interface. 307 */ 308 if (ip->ip_src.s_addr == INADDR_ANY) 309 ip->ip_src = IA_SIN(ia)->sin_addr; 310#endif 311 /* 312 * Verify that we have any chance at all of being able to queue 313 * the packet or packet fragments 314 */ 315 if ((ifp->if_snd.ifq_len + ip->ip_len / ifp->if_mtu + 1) >= 316 ifp->if_snd.ifq_maxlen) { 317 error = ENOBUFS; 318 goto bad; 319 } 320 321 /* 322 * Look for broadcast address and 323 * and verify user is allowed to send 324 * such a packet. 325 */ 326 if (isbroadcast) { 327 if ((ifp->if_flags & IFF_BROADCAST) == 0) { 328 error = EADDRNOTAVAIL; 329 goto bad; 330 } 331 if ((flags & IP_ALLOWBROADCAST) == 0) { 332 error = EACCES; 333 goto bad; 334 } 335 /* don't allow broadcast messages to be fragmented */ 336 if ((u_short)ip->ip_len > ifp->if_mtu) { 337 error = EMSGSIZE; 338 goto bad; 339 } 340 m->m_flags |= M_BCAST; 341 } else { 342 m->m_flags &= ~M_BCAST; 343 } 344 345sendit: 346 /* 347 * IpHack's section. 348 * - Xlate: translate packet's addr/port (NAT). 349 * - Firewall: deny/allow/etc. 350 * - Wrap: fake packet's addr/port <unimpl.> 351 * - Encapsulate: put it in another IP and send out. <unimp.> 352 */ 353#if defined(IPFILTER) || defined(IPFILTER_LKM) 354 if (fr_checkp) { 355 struct mbuf *m1 = m; 356 357 if ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1) 358 goto done; 359 ip = mtod(m = m1, struct ip *); 360 } 361#endif 362 363#ifdef COMPAT_IPFW 364 if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, ifp, IP_NAT_OUT)) { 365 error = EACCES; 366 goto done; 367 } 368 369 /* 370 * Check with the firewall... 371 */ 372 if (ip_fw_chk_ptr) { 373#ifdef IPDIVERT 374 ip_divert_port = (*ip_fw_chk_ptr)(&ip, 375 hlen, ifp, &ip_divert_cookie, &m); 376 if (ip_divert_port) { /* Divert packet */ 377 (*inetsw[ip_protox[IPPROTO_DIVERT]].pr_input)(m, 0); 378 goto done; 379 } 380#else 381 u_int16_t dummy = 0; 382 /* If ipfw says divert, we have to just drop packet */ 383 if ((*ip_fw_chk_ptr)(&ip, hlen, ifp, &dummy, &m)) { 384 m_freem(m); 385 goto done; 386 } 387#endif 388 if (!m) { 389 error = EACCES; 390 goto done; 391 } 392 } 393#endif /* COMPAT_IPFW */ 394 395 /* 396 * If small enough for interface, can just send directly. 397 */ 398 if ((u_short)ip->ip_len <= ifp->if_mtu) { 399 ip->ip_len = htons((u_short)ip->ip_len); 400 ip->ip_off = htons((u_short)ip->ip_off); 401 ip->ip_sum = 0; 402 if (ip->ip_vhl == IP_VHL_BORING) { 403 ip->ip_sum = in_cksum_hdr(ip); 404 } else { 405 ip->ip_sum = in_cksum(m, hlen); 406 } 407 error = (*ifp->if_output)(ifp, m, 408 (struct sockaddr *)dst, ro->ro_rt); 409 goto done; 410 } 411 /* 412 * Too large for interface; fragment if possible. 413 * Must be able to put at least 8 bytes per fragment. 414 */ 415 if (ip->ip_off & IP_DF) { 416 error = EMSGSIZE; 417 /* 418 * This case can happen if the user changed the MTU 419 * of an interface after enabling IP on it. Because 420 * most netifs don't keep track of routes pointing to 421 * them, there is no way for one to update all its 422 * routes when the MTU is changed. 423 */ 424 if ((ro->ro_rt->rt_flags & (RTF_UP | RTF_HOST)) 425 && !(ro->ro_rt->rt_rmx.rmx_locks & RTV_MTU) 426 && (ro->ro_rt->rt_rmx.rmx_mtu > ifp->if_mtu)) { 427 ro->ro_rt->rt_rmx.rmx_mtu = ifp->if_mtu; 428 } 429 ipstat.ips_cantfrag++; 430 goto bad; 431 } 432 len = (ifp->if_mtu - hlen) &~ 7; 433 if (len < 8) { 434 error = EMSGSIZE; 435 goto bad; 436 } 437 438 { 439 int mhlen, firstlen = len; 440 struct mbuf **mnext = &m->m_nextpkt; 441 442 /* 443 * Loop through length of segment after first fragment, 444 * make new header and copy data of each part and link onto chain. 445 */ 446 m0 = m; 447 mhlen = sizeof (struct ip); 448 for (off = hlen + len; off < (u_short)ip->ip_len; off += len) { 449 MGETHDR(m, M_DONTWAIT, MT_HEADER); 450 if (m == 0) { 451 error = ENOBUFS; 452 ipstat.ips_odropped++; 453 goto sendorfree; 454 } 455 m->m_data += max_linkhdr; 456 mhip = mtod(m, struct ip *); 457 *mhip = *ip; 458 if (hlen > sizeof (struct ip)) { 459 mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip); 460 mhip->ip_vhl = IP_MAKE_VHL(IPVERSION, mhlen >> 2); 461 } 462 m->m_len = mhlen; 463 mhip->ip_off = ((off - hlen) >> 3) + (ip->ip_off & ~IP_MF); 464 if (ip->ip_off & IP_MF) 465 mhip->ip_off |= IP_MF; 466 if (off + len >= (u_short)ip->ip_len) 467 len = (u_short)ip->ip_len - off; 468 else 469 mhip->ip_off |= IP_MF; 470 mhip->ip_len = htons((u_short)(len + mhlen)); 471 m->m_next = m_copy(m0, off, len); 472 if (m->m_next == 0) { 473 (void) m_free(m); 474 error = ENOBUFS; /* ??? */ 475 ipstat.ips_odropped++; 476 goto sendorfree; 477 } 478 m->m_pkthdr.len = mhlen + len; 479 m->m_pkthdr.rcvif = (struct ifnet *)0; 480 mhip->ip_off = htons((u_short)mhip->ip_off); 481 mhip->ip_sum = 0; 482 if (mhip->ip_vhl == IP_VHL_BORING) { 483 mhip->ip_sum = in_cksum_hdr(mhip); 484 } else { 485 mhip->ip_sum = in_cksum(m, mhlen); 486 } 487 *mnext = m; 488 mnext = &m->m_nextpkt; 489 ipstat.ips_ofragments++; 490 } 491 /* 492 * Update first fragment by trimming what's been copied out 493 * and updating header, then send each fragment (in order). 494 */ 495 m = m0; 496 m_adj(m, hlen + firstlen - (u_short)ip->ip_len); 497 m->m_pkthdr.len = hlen + firstlen; 498 ip->ip_len = htons((u_short)m->m_pkthdr.len); 499 ip->ip_off = htons((u_short)(ip->ip_off | IP_MF)); 500 ip->ip_sum = 0; 501 if (ip->ip_vhl == IP_VHL_BORING) { 502 ip->ip_sum = in_cksum_hdr(ip); 503 } else { 504 ip->ip_sum = in_cksum(m, hlen); 505 } 506sendorfree: 507 for (m = m0; m; m = m0) { 508 m0 = m->m_nextpkt; 509 m->m_nextpkt = 0; 510 if (error == 0) 511 error = (*ifp->if_output)(ifp, m, 512 (struct sockaddr *)dst, ro->ro_rt); 513 else 514 m_freem(m); 515 } 516 517 if (error == 0) 518 ipstat.ips_fragmented++; 519 } 520done: 521 return (error); 522bad: 523 m_freem(m0); 524 goto done; 525} 526 527/* 528 * Insert IP options into preformed packet. 529 * Adjust IP destination as required for IP source routing, 530 * as indicated by a non-zero in_addr at the start of the options. 531 * 532 * XXX This routine assumes that the packet has no options in place. 533 */ 534static struct mbuf * 535ip_insertoptions(m, opt, phlen) 536 register struct mbuf *m; 537 struct mbuf *opt; 538 int *phlen; 539{ 540 register struct ipoption *p = mtod(opt, struct ipoption *); 541 struct mbuf *n; 542 register struct ip *ip = mtod(m, struct ip *); 543 unsigned optlen; 544 545 optlen = opt->m_len - sizeof(p->ipopt_dst); 546 if (optlen + (u_short)ip->ip_len > IP_MAXPACKET) 547 return (m); /* XXX should fail */ 548 if (p->ipopt_dst.s_addr) 549 ip->ip_dst = p->ipopt_dst; 550 if (m->m_flags & M_EXT || m->m_data - optlen < m->m_pktdat) { 551 MGETHDR(n, M_DONTWAIT, MT_HEADER); 552 if (n == 0) 553 return (m); 554 n->m_pkthdr.len = m->m_pkthdr.len + optlen; 555 m->m_len -= sizeof(struct ip); 556 m->m_data += sizeof(struct ip); 557 n->m_next = m; 558 m = n; 559 m->m_len = optlen + sizeof(struct ip); 560 m->m_data += max_linkhdr; 561 (void)memcpy(mtod(m, void *), ip, sizeof(struct ip)); 562 } else { 563 m->m_data -= optlen; 564 m->m_len += optlen; 565 m->m_pkthdr.len += optlen; 566 ovbcopy((caddr_t)ip, mtod(m, caddr_t), sizeof(struct ip)); 567 } 568 ip = mtod(m, struct ip *); 569 bcopy(p->ipopt_list, ip + 1, optlen); 570 *phlen = sizeof(struct ip) + optlen; 571 ip->ip_vhl = IP_MAKE_VHL(IPVERSION, *phlen >> 2); 572 ip->ip_len += optlen; 573 return (m); 574} 575 576/* 577 * Copy options from ip to jp, 578 * omitting those not copied during fragmentation. 579 */ 580#if !defined(IPFILTER) && !defined(IPFILTER_LKM) 581static 582#endif 583int 584ip_optcopy(ip, jp) 585 struct ip *ip, *jp; 586{ 587 register u_char *cp, *dp; 588 int opt, optlen, cnt; 589 590 cp = (u_char *)(ip + 1); 591 dp = (u_char *)(jp + 1); 592 cnt = (IP_VHL_HL(ip->ip_vhl) << 2) - sizeof (struct ip); 593 for (; cnt > 0; cnt -= optlen, cp += optlen) { 594 opt = cp[0]; 595 if (opt == IPOPT_EOL) 596 break; 597 if (opt == IPOPT_NOP) { 598 /* Preserve for IP mcast tunnel's LSRR alignment. */ 599 *dp++ = IPOPT_NOP; 600 optlen = 1; 601 continue; 602 } else 603 optlen = cp[IPOPT_OLEN]; 604 /* bogus lengths should have been caught by ip_dooptions */ 605 if (optlen > cnt) 606 optlen = cnt; 607 if (IPOPT_COPIED(opt)) { 608 bcopy(cp, dp, optlen); 609 dp += optlen; 610 } 611 } 612 for (optlen = dp - (u_char *)(jp+1); optlen & 0x3; optlen++) 613 *dp++ = IPOPT_EOL; 614 return (optlen); 615} 616 617/* 618 * IP socket option processing. 619 */ 620int 621ip_ctloutput(op, so, level, optname, mp, p) 622 int op; 623 struct socket *so; 624 int level, optname; 625 struct mbuf **mp; 626 struct proc *p; 627{ 628 register struct inpcb *inp = sotoinpcb(so); 629 register struct mbuf *m = *mp; 630 register int optval = 0; 631 int error = 0; 632 633 if (level != IPPROTO_IP) { 634 error = EINVAL; 635 if (op == PRCO_SETOPT && *mp) 636 (void) m_free(*mp); 637 } else switch (op) { 638 639 case PRCO_SETOPT: 640 switch (optname) { 641 case IP_OPTIONS: 642#ifdef notyet 643 case IP_RETOPTS: 644 return (ip_pcbopts(optname, &inp->inp_options, m)); 645#else 646 return (ip_pcbopts(&inp->inp_options, m)); 647#endif 648 649 case IP_TOS: 650 case IP_TTL: 651 case IP_RECVOPTS: 652 case IP_RECVRETOPTS: 653 case IP_RECVDSTADDR: 654 case IP_RECVIF: 655 if (m == 0 || m->m_len != sizeof(int)) 656 error = EINVAL; 657 else { 658 optval = *mtod(m, int *); 659 switch (optname) { 660 661 case IP_TOS: 662 inp->inp_ip_tos = optval; 663 break; 664 665 case IP_TTL: 666 inp->inp_ip_ttl = optval; 667 break; 668#define OPTSET(bit) \ 669 if (optval) \ 670 inp->inp_flags |= bit; \ 671 else \ 672 inp->inp_flags &= ~bit; 673 674 case IP_RECVOPTS: 675 OPTSET(INP_RECVOPTS); 676 break; 677 678 case IP_RECVRETOPTS: 679 OPTSET(INP_RECVRETOPTS); 680 break; 681 682 case IP_RECVDSTADDR: 683 OPTSET(INP_RECVDSTADDR); 684 break; 685 686 case IP_RECVIF: 687 OPTSET(INP_RECVIF); 688 break; 689 } 690 } 691 break; 692#undef OPTSET 693 694 case IP_MULTICAST_IF: 695 case IP_MULTICAST_VIF: 696 case IP_MULTICAST_TTL: 697 case IP_MULTICAST_LOOP: 698 case IP_ADD_MEMBERSHIP: 699 case IP_DROP_MEMBERSHIP: 700 error = ip_setmoptions(optname, &inp->inp_moptions, m); 701 break; 702 703 case IP_PORTRANGE: 704 if (m == 0 || m->m_len != sizeof(int)) 705 error = EINVAL; 706 else { 707 optval = *mtod(m, int *); 708 709 switch (optval) { 710 711 case IP_PORTRANGE_DEFAULT: 712 inp->inp_flags &= ~(INP_LOWPORT); 713 inp->inp_flags &= ~(INP_HIGHPORT); 714 break; 715 716 case IP_PORTRANGE_HIGH: 717 inp->inp_flags &= ~(INP_LOWPORT); 718 inp->inp_flags |= INP_HIGHPORT; 719 break; 720 721 case IP_PORTRANGE_LOW: 722 inp->inp_flags &= ~(INP_HIGHPORT); 723 inp->inp_flags |= INP_LOWPORT; 724 break; 725 726 default: 727 error = EINVAL; 728 break; 729 } 730 } 731 break; 732 733 default: 734 error = ENOPROTOOPT; 735 break; 736 } 737 if (m) 738 (void)m_free(m); 739 break; 740 741 case PRCO_GETOPT: 742 switch (optname) { 743 case IP_OPTIONS: 744 case IP_RETOPTS: 745 *mp = m = m_get(M_WAIT, MT_SOOPTS); 746 if (inp->inp_options) { 747 m->m_len = inp->inp_options->m_len; 748 bcopy(mtod(inp->inp_options, void *), 749 mtod(m, void *), m->m_len); 750 } else 751 m->m_len = 0; 752 break; 753 754 case IP_TOS: 755 case IP_TTL: 756 case IP_RECVOPTS: 757 case IP_RECVRETOPTS: 758 case IP_RECVDSTADDR: 759 case IP_RECVIF: 760 *mp = m = m_get(M_WAIT, MT_SOOPTS); 761 m->m_len = sizeof(int); 762 switch (optname) { 763 764 case IP_TOS: 765 optval = inp->inp_ip_tos; 766 break; 767 768 case IP_TTL: 769 optval = inp->inp_ip_ttl; 770 break; 771 772#define OPTBIT(bit) (inp->inp_flags & bit ? 1 : 0) 773 774 case IP_RECVOPTS: 775 optval = OPTBIT(INP_RECVOPTS); 776 break; 777 778 case IP_RECVRETOPTS: 779 optval = OPTBIT(INP_RECVRETOPTS); 780 break; 781 782 case IP_RECVDSTADDR: 783 optval = OPTBIT(INP_RECVDSTADDR); 784 break; 785 786 case IP_RECVIF: 787 optval = OPTBIT(INP_RECVIF); 788 break; 789 } 790 *mtod(m, int *) = optval; 791 break; 792 793 case IP_MULTICAST_IF: 794 case IP_MULTICAST_VIF: 795 case IP_MULTICAST_TTL: 796 case IP_MULTICAST_LOOP: 797 case IP_ADD_MEMBERSHIP: 798 case IP_DROP_MEMBERSHIP: 799 error = ip_getmoptions(optname, inp->inp_moptions, mp); 800 break; 801 802 case IP_PORTRANGE: 803 *mp = m = m_get(M_WAIT, MT_SOOPTS); 804 m->m_len = sizeof(int); 805 806 if (inp->inp_flags & INP_HIGHPORT) 807 optval = IP_PORTRANGE_HIGH; 808 else if (inp->inp_flags & INP_LOWPORT) 809 optval = IP_PORTRANGE_LOW; 810 else 811 optval = 0; 812 813 *mtod(m, int *) = optval; 814 break; 815 816 default: 817 error = ENOPROTOOPT; 818 break; 819 } 820 break; 821 } 822 return (error); 823} 824 825/* 826 * Set up IP options in pcb for insertion in output packets. 827 * Store in mbuf with pointer in pcbopt, adding pseudo-option 828 * with destination address if source routed. 829 */ 830static int 831#ifdef notyet 832ip_pcbopts(optname, pcbopt, m) 833 int optname; 834#else 835ip_pcbopts(pcbopt, m) 836#endif 837 struct mbuf **pcbopt; 838 register struct mbuf *m; 839{ 840 register int cnt, optlen; 841 register u_char *cp; 842 u_char opt; 843 844 /* turn off any old options */ 845 if (*pcbopt) 846 (void)m_free(*pcbopt); 847 *pcbopt = 0; 848 if (m == (struct mbuf *)0 || m->m_len == 0) { 849 /* 850 * Only turning off any previous options. 851 */ 852 if (m) 853 (void)m_free(m); 854 return (0); 855 } 856 857#ifndef vax 858 if (m->m_len % sizeof(long)) 859 goto bad; 860#endif 861 /* 862 * IP first-hop destination address will be stored before 863 * actual options; move other options back 864 * and clear it when none present. 865 */ 866 if (m->m_data + m->m_len + sizeof(struct in_addr) >= &m->m_dat[MLEN]) 867 goto bad; 868 cnt = m->m_len; 869 m->m_len += sizeof(struct in_addr); 870 cp = mtod(m, u_char *) + sizeof(struct in_addr); 871 ovbcopy(mtod(m, caddr_t), (caddr_t)cp, (unsigned)cnt); 872 bzero(mtod(m, caddr_t), sizeof(struct in_addr)); 873 874 for (; cnt > 0; cnt -= optlen, cp += optlen) { 875 opt = cp[IPOPT_OPTVAL]; 876 if (opt == IPOPT_EOL) 877 break; 878 if (opt == IPOPT_NOP) 879 optlen = 1; 880 else { 881 optlen = cp[IPOPT_OLEN]; 882 if (optlen <= IPOPT_OLEN || optlen > cnt) 883 goto bad; 884 } 885 switch (opt) { 886 887 default: 888 break; 889 890 case IPOPT_LSRR: 891 case IPOPT_SSRR: 892 /* 893 * user process specifies route as: 894 * ->A->B->C->D 895 * D must be our final destination (but we can't 896 * check that since we may not have connected yet). 897 * A is first hop destination, which doesn't appear in 898 * actual IP option, but is stored before the options. 899 */ 900 if (optlen < IPOPT_MINOFF - 1 + sizeof(struct in_addr)) 901 goto bad; 902 m->m_len -= sizeof(struct in_addr); 903 cnt -= sizeof(struct in_addr); 904 optlen -= sizeof(struct in_addr); 905 cp[IPOPT_OLEN] = optlen; 906 /* 907 * Move first hop before start of options. 908 */ 909 bcopy((caddr_t)&cp[IPOPT_OFFSET+1], mtod(m, caddr_t), 910 sizeof(struct in_addr)); 911 /* 912 * Then copy rest of options back 913 * to close up the deleted entry. 914 */ 915 ovbcopy((caddr_t)(&cp[IPOPT_OFFSET+1] + 916 sizeof(struct in_addr)), 917 (caddr_t)&cp[IPOPT_OFFSET+1], 918 (unsigned)cnt + sizeof(struct in_addr)); 919 break; 920 } 921 } 922 if (m->m_len > MAX_IPOPTLEN + sizeof(struct in_addr)) 923 goto bad; 924 *pcbopt = m; 925 return (0); 926 927bad: 928 (void)m_free(m); 929 return (EINVAL); 930} 931 932/* 933 * Set the IP multicast options in response to user setsockopt(). 934 */ 935static int 936ip_setmoptions(optname, imop, m) 937 int optname; 938 struct ip_moptions **imop; 939 struct mbuf *m; 940{ 941 register int error = 0; 942 u_char loop; 943 register int i; 944 struct in_addr addr; 945 register struct ip_mreq *mreq; 946 register struct ifnet *ifp; 947 register struct ip_moptions *imo = *imop; 948 struct route ro; 949 register struct sockaddr_in *dst; 950 int s; 951 952 if (imo == NULL) { 953 /* 954 * No multicast option buffer attached to the pcb; 955 * allocate one and initialize to default values. 956 */ 957 imo = (struct ip_moptions*)malloc(sizeof(*imo), M_IPMOPTS, 958 M_WAITOK); 959 960 if (imo == NULL) 961 return (ENOBUFS); 962 *imop = imo; 963 imo->imo_multicast_ifp = NULL; 964 imo->imo_multicast_vif = -1; 965 imo->imo_multicast_ttl = IP_DEFAULT_MULTICAST_TTL; 966 imo->imo_multicast_loop = IP_DEFAULT_MULTICAST_LOOP; 967 imo->imo_num_memberships = 0; 968 } 969 970 switch (optname) { 971 /* store an index number for the vif you wanna use in the send */ 972 case IP_MULTICAST_VIF: 973 if (!legal_vif_num) { 974 error = EOPNOTSUPP; 975 break; 976 } 977 if (m == NULL || m->m_len != sizeof(int)) { 978 error = EINVAL; 979 break; 980 } 981 i = *(mtod(m, int *)); 982 if (!legal_vif_num(i) && (i != -1)) { 983 error = EINVAL; 984 break; 985 } 986 imo->imo_multicast_vif = i; 987 break; 988 989 case IP_MULTICAST_IF: 990 /* 991 * Select the interface for outgoing multicast packets. 992 */ 993 if (m == NULL || m->m_len != sizeof(struct in_addr)) { 994 error = EINVAL; 995 break; 996 } 997 addr = *(mtod(m, struct in_addr *)); 998 /* 999 * INADDR_ANY is used to remove a previous selection. 1000 * When no interface is selected, a default one is 1001 * chosen every time a multicast packet is sent. 1002 */ 1003 if (addr.s_addr == INADDR_ANY) { 1004 imo->imo_multicast_ifp = NULL; 1005 break; 1006 } 1007 /* 1008 * The selected interface is identified by its local 1009 * IP address. Find the interface and confirm that 1010 * it supports multicasting. 1011 */ 1012 s = splimp(); 1013 INADDR_TO_IFP(addr, ifp); 1014 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) { 1015 splx(s); 1016 error = EADDRNOTAVAIL; 1017 break; 1018 } 1019 imo->imo_multicast_ifp = ifp; 1020 splx(s); 1021 break; 1022 1023 case IP_MULTICAST_TTL: 1024 /* 1025 * Set the IP time-to-live for outgoing multicast packets. 1026 */ 1027 if (m == NULL || m->m_len != 1) { 1028 error = EINVAL; 1029 break; 1030 } 1031 imo->imo_multicast_ttl = *(mtod(m, u_char *)); 1032 break; 1033 1034 case IP_MULTICAST_LOOP: 1035 /* 1036 * Set the loopback flag for outgoing multicast packets. 1037 * Must be zero or one. 1038 */ 1039 if (m == NULL || m->m_len != 1 || 1040 (loop = *(mtod(m, u_char *))) > 1) { 1041 error = EINVAL; 1042 break; 1043 } 1044 imo->imo_multicast_loop = loop; 1045 break; 1046 1047 case IP_ADD_MEMBERSHIP: 1048 /* 1049 * Add a multicast group membership. 1050 * Group must be a valid IP multicast address. 1051 */ 1052 if (m == NULL || m->m_len != sizeof(struct ip_mreq)) { 1053 error = EINVAL; 1054 break; 1055 } 1056 mreq = mtod(m, struct ip_mreq *); 1057 if (!IN_MULTICAST(ntohl(mreq->imr_multiaddr.s_addr))) { 1058 error = EINVAL; 1059 break; 1060 } 1061 s = splimp(); 1062 /* 1063 * If no interface address was provided, use the interface of 1064 * the route to the given multicast address. 1065 */ 1066 if (mreq->imr_interface.s_addr == INADDR_ANY) { 1067 bzero((caddr_t)&ro, sizeof(ro)); 1068 dst = (struct sockaddr_in *)&ro.ro_dst; 1069 dst->sin_len = sizeof(*dst); 1070 dst->sin_family = AF_INET; 1071 dst->sin_addr = mreq->imr_multiaddr; 1072 rtalloc(&ro); 1073 if (ro.ro_rt == NULL) { 1074 error = EADDRNOTAVAIL; 1075 splx(s); 1076 break; 1077 } 1078 ifp = ro.ro_rt->rt_ifp; 1079 rtfree(ro.ro_rt); 1080 } 1081 else { 1082 INADDR_TO_IFP(mreq->imr_interface, ifp); 1083 } 1084 1085 /* 1086 * See if we found an interface, and confirm that it 1087 * supports multicast. 1088 */ 1089 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) { 1090 error = EADDRNOTAVAIL; 1091 splx(s); 1092 break; 1093 } 1094 /* 1095 * See if the membership already exists or if all the 1096 * membership slots are full. 1097 */ 1098 for (i = 0; i < imo->imo_num_memberships; ++i) { 1099 if (imo->imo_membership[i]->inm_ifp == ifp && 1100 imo->imo_membership[i]->inm_addr.s_addr 1101 == mreq->imr_multiaddr.s_addr) 1102 break; 1103 } 1104 if (i < imo->imo_num_memberships) { 1105 error = EADDRINUSE; 1106 splx(s); 1107 break; 1108 } 1109 if (i == IP_MAX_MEMBERSHIPS) { 1110 error = ETOOMANYREFS; 1111 splx(s); 1112 break; 1113 } 1114 /* 1115 * Everything looks good; add a new record to the multicast 1116 * address list for the given interface. 1117 */ 1118 if ((imo->imo_membership[i] = 1119 in_addmulti(&mreq->imr_multiaddr, ifp)) == NULL) { 1120 error = ENOBUFS; 1121 splx(s); 1122 break; 1123 } 1124 ++imo->imo_num_memberships; 1125 splx(s); 1126 break; 1127 1128 case IP_DROP_MEMBERSHIP: 1129 /* 1130 * Drop a multicast group membership. 1131 * Group must be a valid IP multicast address. 1132 */ 1133 if (m == NULL || m->m_len != sizeof(struct ip_mreq)) { 1134 error = EINVAL; 1135 break; 1136 } 1137 mreq = mtod(m, struct ip_mreq *); 1138 if (!IN_MULTICAST(ntohl(mreq->imr_multiaddr.s_addr))) { 1139 error = EINVAL; 1140 break; 1141 } 1142 1143 s = splimp(); 1144 /* 1145 * If an interface address was specified, get a pointer 1146 * to its ifnet structure. 1147 */ 1148 if (mreq->imr_interface.s_addr == INADDR_ANY) 1149 ifp = NULL; 1150 else { 1151 INADDR_TO_IFP(mreq->imr_interface, ifp); 1152 if (ifp == NULL) { 1153 error = EADDRNOTAVAIL; 1154 splx(s); 1155 break; 1156 } 1157 } 1158 /* 1159 * Find the membership in the membership array. 1160 */ 1161 for (i = 0; i < imo->imo_num_memberships; ++i) { 1162 if ((ifp == NULL || 1163 imo->imo_membership[i]->inm_ifp == ifp) && 1164 imo->imo_membership[i]->inm_addr.s_addr == 1165 mreq->imr_multiaddr.s_addr) 1166 break; 1167 } 1168 if (i == imo->imo_num_memberships) { 1169 error = EADDRNOTAVAIL; 1170 splx(s); 1171 break; 1172 } 1173 /* 1174 * Give up the multicast address record to which the 1175 * membership points. 1176 */ 1177 in_delmulti(imo->imo_membership[i]); 1178 /* 1179 * Remove the gap in the membership array. 1180 */ 1181 for (++i; i < imo->imo_num_memberships; ++i) 1182 imo->imo_membership[i-1] = imo->imo_membership[i]; 1183 --imo->imo_num_memberships; 1184 splx(s); 1185 break; 1186 1187 default: 1188 error = EOPNOTSUPP; 1189 break; 1190 } 1191 1192 /* 1193 * If all options have default values, no need to keep the mbuf. 1194 */ 1195 if (imo->imo_multicast_ifp == NULL && 1196 imo->imo_multicast_vif == -1 && 1197 imo->imo_multicast_ttl == IP_DEFAULT_MULTICAST_TTL && 1198 imo->imo_multicast_loop == IP_DEFAULT_MULTICAST_LOOP && 1199 imo->imo_num_memberships == 0) { 1200 free(*imop, M_IPMOPTS); 1201 *imop = NULL; 1202 } 1203 1204 return (error); 1205} 1206 1207/* 1208 * Return the IP multicast options in response to user getsockopt(). 1209 */ 1210static int 1211ip_getmoptions(optname, imo, mp) 1212 int optname; 1213 register struct ip_moptions *imo; 1214 register struct mbuf **mp; 1215{ 1216 u_char *ttl; 1217 u_char *loop; 1218 struct in_addr *addr; 1219 struct in_ifaddr *ia; 1220 1221 *mp = m_get(M_WAIT, MT_SOOPTS); 1222 1223 switch (optname) { 1224 1225 case IP_MULTICAST_VIF: 1226 if (imo != NULL) 1227 *(mtod(*mp, int *)) = imo->imo_multicast_vif; 1228 else 1229 *(mtod(*mp, int *)) = -1; 1230 (*mp)->m_len = sizeof(int); 1231 return(0); 1232 1233 case IP_MULTICAST_IF: 1234 addr = mtod(*mp, struct in_addr *); 1235 (*mp)->m_len = sizeof(struct in_addr); 1236 if (imo == NULL || imo->imo_multicast_ifp == NULL) 1237 addr->s_addr = INADDR_ANY; 1238 else { 1239 IFP_TO_IA(imo->imo_multicast_ifp, ia); 1240 addr->s_addr = (ia == NULL) ? INADDR_ANY 1241 : IA_SIN(ia)->sin_addr.s_addr; 1242 } 1243 return (0); 1244 1245 case IP_MULTICAST_TTL: 1246 ttl = mtod(*mp, u_char *); 1247 (*mp)->m_len = 1; 1248 *ttl = (imo == NULL) ? IP_DEFAULT_MULTICAST_TTL 1249 : imo->imo_multicast_ttl; 1250 return (0); 1251 1252 case IP_MULTICAST_LOOP: 1253 loop = mtod(*mp, u_char *); 1254 (*mp)->m_len = 1; 1255 *loop = (imo == NULL) ? IP_DEFAULT_MULTICAST_LOOP 1256 : imo->imo_multicast_loop; 1257 return (0); 1258 1259 default: 1260 return (EOPNOTSUPP); 1261 } 1262} 1263 1264/* 1265 * Discard the IP multicast options. 1266 */ 1267void 1268ip_freemoptions(imo) 1269 register struct ip_moptions *imo; 1270{ 1271 register int i; 1272 1273 if (imo != NULL) { 1274 for (i = 0; i < imo->imo_num_memberships; ++i) 1275 in_delmulti(imo->imo_membership[i]); 1276 free(imo, M_IPMOPTS); 1277 } 1278} 1279 1280/* 1281 * Routine called from ip_output() to loop back a copy of an IP multicast 1282 * packet to the input queue of a specified interface. Note that this 1283 * calls the output routine of the loopback "driver", but with an interface 1284 * pointer that might NOT be a loopback interface -- evil, but easier than 1285 * replicating that code here. 1286 */ 1287static void 1288ip_mloopback(ifp, m, dst, hlen) 1289 struct ifnet *ifp; 1290 register struct mbuf *m; 1291 register struct sockaddr_in *dst; 1292 int hlen; 1293{ 1294 register struct ip *ip; 1295 struct mbuf *copym; 1296 1297 copym = m_copy(m, 0, M_COPYALL); 1298 if (copym != NULL && (copym->m_flags & M_EXT || copym->m_len < hlen)) 1299 copym = m_pullup(copym, hlen); 1300 if (copym != NULL) { 1301 /* 1302 * We don't bother to fragment if the IP length is greater 1303 * than the interface's MTU. Can this possibly matter? 1304 */ 1305 ip = mtod(copym, struct ip *); 1306 ip->ip_len = htons((u_short)ip->ip_len); 1307 ip->ip_off = htons((u_short)ip->ip_off); 1308 ip->ip_sum = 0; 1309 if (ip->ip_vhl == IP_VHL_BORING) { 1310 ip->ip_sum = in_cksum_hdr(ip); 1311 } else { 1312 ip->ip_sum = in_cksum(copym, hlen); 1313 } 1314 /* 1315 * NB: 1316 * It's not clear whether there are any lingering 1317 * reentrancy problems in other areas which might 1318 * be exposed by using ip_input directly (in 1319 * particular, everything which modifies the packet 1320 * in-place). Yet another option is using the 1321 * protosw directly to deliver the looped back 1322 * packet. For the moment, we'll err on the side 1323 * of safety by using if_simloop(). 1324 */ 1325#ifdef notdef 1326 copym->m_pkthdr.rcvif = ifp; 1327 ip_input(copym); 1328#else 1329 if_simloop(ifp, copym, (struct sockaddr *)dst, 0); 1330#endif 1331 } 1332} 1333