raw_ip.c revision 105586 
1181053Srwatson/*
2188313Srwatson * Copyright (c) 1982, 1986, 1988, 1993
3155192Srwatson *	The Regents of the University of California.  All rights reserved.
4155192Srwatson *
5155192Srwatson * Redistribution and use in source and binary forms, with or without
6155192Srwatson * modification, are permitted provided that the following conditions
7155192Srwatson * are met:
8155192Srwatson * 1. Redistributions of source code must retain the above copyright
9155192Srwatson *    notice, this list of conditions and the following disclaimer.
10155192Srwatson * 2. Redistributions in binary form must reproduce the above copyright
11155192Srwatson *    notice, this list of conditions and the following disclaimer in the
12155192Srwatson *    documentation and/or other materials provided with the distribution.
13180701Srwatson * 3. All advertising materials mentioning features or use of this software
14155192Srwatson *    must display the following acknowledgement:
15155192Srwatson *	This product includes software developed by the University of
16155192Srwatson *	California, Berkeley and its contributors.
17155192Srwatson * 4. Neither the name of the University nor the names of its contributors
18155192Srwatson *    may be used to endorse or promote products derived from this software
19155192Srwatson *    without specific prior written permission.
20155192Srwatson *
21155192Srwatson * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22155192Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23155192Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24155192Srwatson * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25155192Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26155192Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27155192Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28155192Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29155192Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30155192Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31155192Srwatson * SUCH DAMAGE.
32155192Srwatson *
33155192Srwatson *	@(#)raw_ip.c	8.7 (Berkeley) 5/15/95
34155192Srwatson * $FreeBSD: head/sys/netinet/raw_ip.c 105586 2002-10-20 22:52:07Z phk $
35155192Srwatson */
36155192Srwatson
37156882Srwatson#include "opt_inet6.h"
38156882Srwatson#include "opt_ipsec.h"
39155192Srwatson#include "opt_mac.h"
40155192Srwatson#include "opt_random_ip_id.h"
41155192Srwatson
42155192Srwatson#include <sys/param.h>
43155192Srwatson#include <sys/kernel.h>
44155192Srwatson#include <sys/lock.h>
45155192Srwatson#include <sys/mac.h>
46155192Srwatson#include <sys/malloc.h>
47155192Srwatson#include <sys/mbuf.h>
48155192Srwatson#include <sys/proc.h>
49155192Srwatson#include <sys/protosw.h>
50155192Srwatson#include <sys/signalvar.h>
51155192Srwatson#include <sys/socket.h>
52155192Srwatson#include <sys/socketvar.h>
53195177Ssson#include <sys/sx.h>
54155192Srwatson#include <sys/sysctl.h>
55155192Srwatson#include <sys/systm.h>
56155192Srwatson
57156889Srwatson#include <vm/uma.h>
58156889Srwatson
59155192Srwatson#include <net/if.h>
60155192Srwatson#include <net/route.h>
61155192Srwatson
62155192Srwatson#include <netinet/in.h>
63155192Srwatson#include <netinet/in_systm.h>
64155192Srwatson#include <netinet/in_pcb.h>
65161813Swsalamon#include <netinet/in_var.h>
66161813Swsalamon#include <netinet/ip.h>
67155192Srwatson#include <netinet/ip_var.h>
68155192Srwatson#include <netinet/ip_mroute.h>
69155192Srwatson
70155192Srwatson#include <netinet/ip_fw.h>
71155192Srwatson#include <netinet/ip_dummynet.h>
72156889Srwatson
73156889Srwatson#ifdef FAST_IPSEC
74156889Srwatson#include <netipsec/ipsec.h>
75155192Srwatson#endif /*FAST_IPSEC*/
76155192Srwatson
77159269Srwatson#ifdef IPSEC
78159269Srwatson#include <netinet6/ipsec.h>
79159269Srwatson#endif /*IPSEC*/
80155192Srwatson
81155192Srwatsonstruct	inpcbhead ripcb;
82155192Srwatsonstruct	inpcbinfo ripcbinfo;
83155192Srwatson
84159269Srwatson/* control hooks for ipfw and dummynet */
85159269Srwatsonip_fw_ctl_t *ip_fw_ctl_ptr;
86159269Srwatsonip_dn_ctl_t *ip_dn_ctl_ptr;
87162380Scsjp
88162380Scsjp/*
89162380Scsjp * Nominal space allocated to a raw ip socket.
90155192Srwatson */
91155192Srwatson#define	RIPSNDQ		8192
92155192Srwatson#define	RIPRCVQ		8192
93155192Srwatson
94155192Srwatson/*
95155192Srwatson * Raw interface to IP protocol.
96155192Srwatson */
97155192Srwatson
98156889Srwatson/*
99156889Srwatson * Initialize raw connection block q.
100156889Srwatson */
101156889Srwatsonvoid
102156889Srwatsonrip_init()
103156889Srwatson{
104156889Srwatson	INP_INFO_LOCK_INIT(&ripcbinfo, "rip");
105155192Srwatson	LIST_INIT(&ripcb);
106155192Srwatson	ripcbinfo.listhead = &ripcb;
107155192Srwatson	/*
108195177Ssson	 * XXX We don't use the hash list for raw IP, but it's easier
109195177Ssson	 * to allocate a one entry hash list than it is to check all
110155192Srwatson	 * over the place for hashbase == NULL.
111155192Srwatson	 */
112155192Srwatson	ripcbinfo.hashbase = hashinit(1, M_PCB, &ripcbinfo.hashmask);
113180709Srwatson	ripcbinfo.porthashbase = hashinit(1, M_PCB, &ripcbinfo.porthashmask);
114155192Srwatson	ripcbinfo.ipi_zone = uma_zcreate("ripcb", sizeof(struct inpcb),
115155192Srwatson	    NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
116156889Srwatson	uma_zone_set_max(ripcbinfo.ipi_zone, maxsockets);
117156889Srwatson}
118156889Srwatson
119156889Srwatsonstatic struct	sockaddr_in ripsrc = { sizeof(ripsrc), AF_INET };
120155192Srwatson/*
121155192Srwatson * Setup generic address and protocol structures
122191270Srwatson * for raw_input routine, then pass them along with
123191270Srwatson * mbuf chain.
124191270Srwatson */
125191270Srwatsonvoid
126191270Srwatsonrip_input(m, off)
127191270Srwatson	struct mbuf *m;
128191270Srwatson	int off;
129191270Srwatson{
130191270Srwatson	register struct ip *ip = mtod(m, struct ip *);
131191270Srwatson	register struct inpcb *inp;
132191270Srwatson	struct inpcb *last = 0;
133191270Srwatson	struct mbuf *opts = 0;
134191270Srwatson	int proto = ip->ip_p;
135155192Srwatson
136155192Srwatson	ripsrc.sin_addr = ip->ip_src;
137191270Srwatson	LIST_FOREACH(inp, &ripcb, inp_list) {
138191270Srwatson#ifdef INET6
139191270Srwatson		if ((inp->inp_vflag & INP_IPV4) == 0)
140155192Srwatson			continue;
141191270Srwatson#endif
142191270Srwatson		if (inp->inp_ip_p && inp->inp_ip_p != proto)
143155192Srwatson			continue;
144155192Srwatson		if (inp->inp_laddr.s_addr &&
145155192Srwatson                  inp->inp_laddr.s_addr != ip->ip_dst.s_addr)
146155192Srwatson			continue;
147155192Srwatson		if (inp->inp_faddr.s_addr &&
148155192Srwatson                  inp->inp_faddr.s_addr != ip->ip_src.s_addr)
149191270Srwatson			continue;
150155192Srwatson		if (last) {
151155192Srwatson			struct mbuf *n = m_copy(m, 0, (int)M_COPYALL);
152184856Scsjp			int policyfail = 0;
153155192Srwatson
154155192Srwatson			if (n != NULL) {
155155192Srwatson#ifdef IPSSEC
156156889Srwatson				/* check AH/ESP integrity. */
157156889Srwatson				if (ipsec4_in_reject_so(n, last->inp_socket)) {
158156889Srwatson					policyfail = 1;
159155192Srwatson					ipsecstat.in_polvio++;
160155192Srwatson					/* do not inject data to pcb */
161155192Srwatson				}
162155192Srwatson#endif /*IPSEC*/
163155192Srwatson#ifdef FAST_IPSEC
164155192Srwatson				/* check AH/ESP integrity. */
165155192Srwatson				if (ipsec4_in_reject(n, last)) {
166155192Srwatson					policyfail = 1;
167155192Srwatson					/* do not inject data to pcb */
168155192Srwatson				}
169155192Srwatson#endif /*FAST_IPSEC*/
170155192Srwatson#ifdef MAC
171155192Srwatson				if (policyfail == 0 &&
172156889Srwatson				    mac_check_socket_deliver(last->inp_socket,
173156889Srwatson				    n) != 0)
174156889Srwatson					policyfail = 1;
175156889Srwatson#endif
176156889Srwatson			}
177156889Srwatson			if (policyfail)
178156889Srwatson				m_freem(n);
179156889Srwatson			else if (n) {
180168688Scsjp				if (last->inp_flags & INP_CONTROLOPTS ||
181156889Srwatson				    last->inp_socket->so_options & SO_TIMESTAMP)
182155192Srwatson				    ip_savecontrol(last, &opts, ip, n);
183155192Srwatson				if (sbappendaddr(&last->inp_socket->so_rcv,
184156889Srwatson				    (struct sockaddr *)&ripsrc, n,
185156889Srwatson				    opts) == 0) {
186156889Srwatson					/* should notify about lost packet */
187156889Srwatson					m_freem(n);
188156889Srwatson					if (opts)
189156889Srwatson					    m_freem(opts);
190156889Srwatson				} else
191156889Srwatson					sorwakeup(last->inp_socket);
192156889Srwatson				opts = 0;
193168688Scsjp			}
194156889Srwatson		}
195156889Srwatson		last = inp;
196156889Srwatson	}
197156889Srwatson	if (last) {
198156889Srwatson#ifdef IPSEC
199195925Srwatson		/* check AH/ESP integrity. */
200195925Srwatson		if (ipsec4_in_reject_so(m, last->inp_socket)) {
201156889Srwatson			m_freem(m);
202156889Srwatson			ipsecstat.in_polvio++;
203156889Srwatson			ipstat.ips_delivered--;
204156889Srwatson			/* do not inject data to pcb */
205156889Srwatson			return;
206156889Srwatson		}
207156889Srwatson#endif /*IPSEC*/
208156889Srwatson#ifdef FAST_IPSEC
209156889Srwatson		/* check AH/ESP integrity. */
210156889Srwatson		if (ipsec4_in_reject(m, last)) {
211156889Srwatson			m_freem(m);
212156889Srwatson			ipstat.ips_delivered--;
213156889Srwatson			/* do not inject data to pcb */
214156889Srwatson			return;
215156889Srwatson		}
216156889Srwatson#endif /*FAST_IPSEC*/
217156889Srwatson#ifdef MAC
218156889Srwatson		if (mac_check_socket_deliver(last->inp_socket, m) != 0) {
219156889Srwatson			m_freem(m);
220156889Srwatson			ipstat.ips_delivered--;
221156889Srwatson			return;
222156889Srwatson		}
223156889Srwatson#endif
224156889Srwatson		if (last->inp_flags & INP_CONTROLOPTS ||
225161813Swsalamon		    last->inp_socket->so_options & SO_TIMESTAMP)
226161813Swsalamon			ip_savecontrol(last, &opts, ip, m);
227161813Swsalamon		if (sbappendaddr(&last->inp_socket->so_rcv,
228161813Swsalamon		    (struct sockaddr *)&ripsrc, m, opts) == 0) {
229156889Srwatson			m_freem(m);
230156889Srwatson			if (opts)
231164011Scsjp			    m_freem(opts);
232155192Srwatson		} else
233155192Srwatson			sorwakeup(last->inp_socket);
234155192Srwatson	} else {
235155192Srwatson		m_freem(m);
236155192Srwatson		ipstat.ips_noproto++;
237155192Srwatson		ipstat.ips_delivered--;
238155192Srwatson	}
239155192Srwatson}
240155192Srwatson
241155192Srwatson/*
242155192Srwatson * Generate IP header and pass packet to ip_output.
243155192Srwatson * Tack on options user may have setup with control call.
244155192Srwatson */
245155192Srwatsonint
246156889Srwatsonrip_output(m, so, dst)
247156889Srwatson	struct mbuf *m;
248155192Srwatson	struct socket *so;
249155192Srwatson	u_long dst;
250156889Srwatson{
251156889Srwatson	register struct ip *ip;
252156889Srwatson	register struct inpcb *inp = sotoinpcb(so);
253156889Srwatson	int flags = (so->so_options & SO_DONTROUTE) | IP_ALLOWBROADCAST;
254156889Srwatson
255156889Srwatson#ifdef MAC
256155192Srwatson	mac_create_mbuf_from_socket(so, m);
257156888Srwatson#endif
258155192Srwatson
259155192Srwatson	/*
260155192Srwatson	 * If the user handed us a complete IP packet, use it.
261155192Srwatson	 * Otherwise, allocate an mbuf for a header and fill it in.
262155192Srwatson	 */
263155192Srwatson	if ((inp->inp_flags & INP_HDRINCL) == 0) {
264156888Srwatson		if (m->m_pkthdr.len + sizeof(struct ip) > IP_MAXPACKET) {
265155192Srwatson			m_freem(m);
266155192Srwatson			return(EMSGSIZE);
267155192Srwatson		}
268155192Srwatson		M_PREPEND(m, sizeof(struct ip), M_TRYWAIT);
269155192Srwatson		ip = mtod(m, struct ip *);
270155192Srwatson		ip->ip_tos = inp->inp_ip_tos;
271155192Srwatson		ip->ip_off = 0;
272156291Srwatson		ip->ip_p = inp->inp_ip_p;
273156889Srwatson		ip->ip_len = m->m_pkthdr.len;
274156889Srwatson		ip->ip_src = inp->inp_laddr;
275155192Srwatson		ip->ip_dst.s_addr = dst;
276155192Srwatson		ip->ip_ttl = inp->inp_ip_ttl;
277155192Srwatson	} else {
278155192Srwatson		if (m->m_pkthdr.len > IP_MAXPACKET) {
279156889Srwatson			m_freem(m);
280156889Srwatson			return(EMSGSIZE);
281155192Srwatson		}
282155192Srwatson		ip = mtod(m, struct ip *);
283155192Srwatson		/* don't allow both user specified and setsockopt options,
284155192Srwatson		   and don't allow packet length sizes that will crash */
285156889Srwatson		if (((ip->ip_hl != (sizeof (*ip) >> 2))
286156889Srwatson		     && inp->inp_options)
287156889Srwatson		    || (ip->ip_len > m->m_pkthdr.len)
288155192Srwatson		    || (ip->ip_len < (ip->ip_hl << 2))) {
289156888Srwatson			m_freem(m);
290156888Srwatson			return EINVAL;
291156888Srwatson		}
292156888Srwatson		if (ip->ip_id == 0)
293156889Srwatson#ifdef RANDOM_IP_ID
294159261Srwatson			ip->ip_id = ip_randomid();
295159261Srwatson#else
296156889Srwatson			ip->ip_id = htons(ip_id++);
297191270Srwatson#endif
298191270Srwatson		/* XXX prevent ip_output from overwriting header fields */
299156889Srwatson		flags |= IP_RAWOUTPUT;
300156888Srwatson		ipstat.ips_rawout++;
301156888Srwatson	}
302155192Srwatson
303155192Srwatson	return (ip_output(m, inp->inp_options, &inp->inp_route, flags,
304155192Srwatson			  inp->inp_moptions, inp));
305155192Srwatson}
306155192Srwatson
307155192Srwatson/*
308155192Srwatson * Raw IP socket option processing.
309155192Srwatson */
310155192Srwatsonint
311155192Srwatsonrip_ctloutput(so, sopt)
312155192Srwatson	struct socket *so;
313156889Srwatson	struct sockopt *sopt;
314170196Srwatson{
315155192Srwatson	struct	inpcb *inp = sotoinpcb(so);
316155192Srwatson	int	error, optval;
317155192Srwatson
318155192Srwatson	if (sopt->sopt_level != IPPROTO_IP)
319155192Srwatson		return (EINVAL);
320155192Srwatson
321159269Srwatson	error = 0;
322159269Srwatson
323155192Srwatson	switch (sopt->sopt_dir) {
324155192Srwatson	case SOPT_GET:
325155192Srwatson		switch (sopt->sopt_name) {
326176690Srwatson		case IP_HDRINCL:
327176690Srwatson			optval = inp->inp_flags & INP_HDRINCL;
328195925Srwatson			error = sooptcopyout(sopt, &optval, sizeof optval);
329188313Srwatson			break;
330188313Srwatson
331176565Srwatson		case IP_FW_ADD:	/* ADD actually returns the body... */
332188313Srwatson		case IP_FW_GET:
333155192Srwatson			if (IPFW_LOADED)
334155192Srwatson				error = ip_fw_ctl_ptr(sopt);
335155192Srwatson			else
336155192Srwatson				error = ENOPROTOOPT;
337155192Srwatson			break;
338155192Srwatson
339176686Srwatson		case IP_DUMMYNET_GET:
340155192Srwatson			if (DUMMYNET_LOADED)
341155192Srwatson				error = ip_dn_ctl_ptr(sopt);
342184858Srwatson			else
343184858Srwatson				error = ENOPROTOOPT;
344184858Srwatson			break ;
345184858Srwatson
346184858Srwatson		case MRT_INIT:
347184858Srwatson		case MRT_DONE:
348155192Srwatson		case MRT_ADD_VIF:
349155192Srwatson		case MRT_DEL_VIF:
350155192Srwatson		case MRT_ADD_MFC:
351156888Srwatson		case MRT_DEL_MFC:
352155192Srwatson		case MRT_VERSION:
353155192Srwatson		case MRT_ASSERT:
354155192Srwatson			error = ip_mrouter_get(so, sopt);
355156888Srwatson			break;
356155192Srwatson
357155408Srwatson		default:
358155408Srwatson			error = ip_ctloutput(so, sopt);
359155408Srwatson			break;
360159269Srwatson		}
361159269Srwatson		break;
362159269Srwatson
363159269Srwatson	case SOPT_SET:
364159269Srwatson		switch (sopt->sopt_name) {
365155408Srwatson		case IP_HDRINCL:
366156882Srwatson			error = sooptcopyin(sopt, &optval, sizeof optval,
367					    sizeof optval);
368			if (error)
369				break;
370			if (optval)
371				inp->inp_flags |= INP_HDRINCL;
372			else
373				inp->inp_flags &= ~INP_HDRINCL;
374			break;
375
376		case IP_FW_ADD:
377		case IP_FW_DEL:
378		case IP_FW_FLUSH:
379		case IP_FW_ZERO:
380		case IP_FW_RESETLOG:
381			if (IPFW_LOADED)
382				error = ip_fw_ctl_ptr(sopt);
383			else
384				error = ENOPROTOOPT;
385			break;
386
387		case IP_DUMMYNET_CONFIGURE:
388		case IP_DUMMYNET_DEL:
389		case IP_DUMMYNET_FLUSH:
390			if (DUMMYNET_LOADED)
391				error = ip_dn_ctl_ptr(sopt);
392			else
393				error = ENOPROTOOPT ;
394			break ;
395
396		case IP_RSVP_ON:
397			error = ip_rsvp_init(so);
398			break;
399
400		case IP_RSVP_OFF:
401			error = ip_rsvp_done();
402			break;
403
404			/* XXX - should be combined */
405		case IP_RSVP_VIF_ON:
406			error = ip_rsvp_vif_init(so, sopt);
407			break;
408
409		case IP_RSVP_VIF_OFF:
410			error = ip_rsvp_vif_done(so, sopt);
411			break;
412
413		case MRT_INIT:
414		case MRT_DONE:
415		case MRT_ADD_VIF:
416		case MRT_DEL_VIF:
417		case MRT_ADD_MFC:
418		case MRT_DEL_MFC:
419		case MRT_VERSION:
420		case MRT_ASSERT:
421			error = ip_mrouter_set(so, sopt);
422			break;
423
424		default:
425			error = ip_ctloutput(so, sopt);
426			break;
427		}
428		break;
429	}
430
431	return (error);
432}
433
434/*
435 * This function exists solely to receive the PRC_IFDOWN messages which
436 * are sent by if_down().  It looks for an ifaddr whose ifa_addr is sa,
437 * and calls in_ifadown() to remove all routes corresponding to that address.
438 * It also receives the PRC_IFUP messages from if_up() and reinstalls the
439 * interface routes.
440 */
441void
442rip_ctlinput(cmd, sa, vip)
443	int cmd;
444	struct sockaddr *sa;
445	void *vip;
446{
447	struct in_ifaddr *ia;
448	struct ifnet *ifp;
449	int err;
450	int flags;
451
452	switch (cmd) {
453	case PRC_IFDOWN:
454		TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
455			if (ia->ia_ifa.ifa_addr == sa
456			    && (ia->ia_flags & IFA_ROUTE)) {
457				/*
458				 * in_ifscrub kills the interface route.
459				 */
460				in_ifscrub(ia->ia_ifp, ia);
461				/*
462				 * in_ifadown gets rid of all the rest of
463				 * the routes.  This is not quite the right
464				 * thing to do, but at least if we are running
465				 * a routing process they will come back.
466				 */
467				in_ifadown(&ia->ia_ifa, 0);
468				break;
469			}
470		}
471		break;
472
473	case PRC_IFUP:
474		TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
475			if (ia->ia_ifa.ifa_addr == sa)
476				break;
477		}
478		if (ia == 0 || (ia->ia_flags & IFA_ROUTE))
479			return;
480		flags = RTF_UP;
481		ifp = ia->ia_ifa.ifa_ifp;
482
483		if ((ifp->if_flags & IFF_LOOPBACK)
484		    || (ifp->if_flags & IFF_POINTOPOINT))
485			flags |= RTF_HOST;
486
487		err = rtinit(&ia->ia_ifa, RTM_ADD, flags);
488		if (err == 0)
489			ia->ia_flags |= IFA_ROUTE;
490		break;
491	}
492}
493
494u_long	rip_sendspace = RIPSNDQ;
495u_long	rip_recvspace = RIPRCVQ;
496
497SYSCTL_INT(_net_inet_raw, OID_AUTO, maxdgram, CTLFLAG_RW,
498    &rip_sendspace, 0, "Maximum outgoing raw IP datagram size");
499SYSCTL_INT(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW,
500    &rip_recvspace, 0, "Maximum incoming raw IP datagram size");
501
502static int
503rip_attach(struct socket *so, int proto, struct thread *td)
504{
505	struct inpcb *inp;
506	int error, s;
507
508	inp = sotoinpcb(so);
509	if (inp)
510		panic("rip_attach");
511	if (td && (error = suser(td)) != 0)
512		return error;
513
514	error = soreserve(so, rip_sendspace, rip_recvspace);
515	if (error)
516		return error;
517	s = splnet();
518	error = in_pcballoc(so, &ripcbinfo, td);
519	splx(s);
520	if (error)
521		return error;
522	inp = (struct inpcb *)so->so_pcb;
523	inp->inp_vflag |= INP_IPV4;
524	inp->inp_ip_p = proto;
525	inp->inp_ip_ttl = ip_defttl;
526	return 0;
527}
528
529static int
530rip_detach(struct socket *so)
531{
532	struct inpcb *inp;
533
534	inp = sotoinpcb(so);
535	if (inp == 0)
536		panic("rip_detach");
537	if (so == ip_mrouter)
538		ip_mrouter_done();
539	ip_rsvp_force_done(so);
540	if (so == ip_rsvpd)
541		ip_rsvp_done();
542	in_pcbdetach(inp);
543	return 0;
544}
545
546static int
547rip_abort(struct socket *so)
548{
549	soisdisconnected(so);
550	return rip_detach(so);
551}
552
553static int
554rip_disconnect(struct socket *so)
555{
556	if ((so->so_state & SS_ISCONNECTED) == 0)
557		return ENOTCONN;
558	return rip_abort(so);
559}
560
561static int
562rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
563{
564	struct inpcb *inp = sotoinpcb(so);
565	struct sockaddr_in *addr = (struct sockaddr_in *)nam;
566
567	if (nam->sa_len != sizeof(*addr))
568		return EINVAL;
569
570	if (TAILQ_EMPTY(&ifnet) || ((addr->sin_family != AF_INET) &&
571				    (addr->sin_family != AF_IMPLINK)) ||
572	    (addr->sin_addr.s_addr &&
573	     ifa_ifwithaddr((struct sockaddr *)addr) == 0))
574		return EADDRNOTAVAIL;
575	inp->inp_laddr = addr->sin_addr;
576	return 0;
577}
578
579static int
580rip_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
581{
582	struct inpcb *inp = sotoinpcb(so);
583	struct sockaddr_in *addr = (struct sockaddr_in *)nam;
584
585	if (nam->sa_len != sizeof(*addr))
586		return EINVAL;
587	if (TAILQ_EMPTY(&ifnet))
588		return EADDRNOTAVAIL;
589	if ((addr->sin_family != AF_INET) &&
590	    (addr->sin_family != AF_IMPLINK))
591		return EAFNOSUPPORT;
592	inp->inp_faddr = addr->sin_addr;
593	soisconnected(so);
594	return 0;
595}
596
597static int
598rip_shutdown(struct socket *so)
599{
600	socantsendmore(so);
601	return 0;
602}
603
604static int
605rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
606	 struct mbuf *control, struct thread *td)
607{
608	struct inpcb *inp = sotoinpcb(so);
609	register u_long dst;
610
611	if (so->so_state & SS_ISCONNECTED) {
612		if (nam) {
613			m_freem(m);
614			return EISCONN;
615		}
616		dst = inp->inp_faddr.s_addr;
617	} else {
618		if (nam == NULL) {
619			m_freem(m);
620			return ENOTCONN;
621		}
622		dst = ((struct sockaddr_in *)nam)->sin_addr.s_addr;
623	}
624	return rip_output(m, so, dst);
625}
626
627static int
628rip_pcblist(SYSCTL_HANDLER_ARGS)
629{
630	int error, i, n, s;
631	struct inpcb *inp, **inp_list;
632	inp_gen_t gencnt;
633	struct xinpgen xig;
634
635	/*
636	 * The process of preparing the TCB list is too time-consuming and
637	 * resource-intensive to repeat twice on every request.
638	 */
639	if (req->oldptr == 0) {
640		n = ripcbinfo.ipi_count;
641		req->oldidx = 2 * (sizeof xig)
642			+ (n + n/8) * sizeof(struct xinpcb);
643		return 0;
644	}
645
646	if (req->newptr != 0)
647		return EPERM;
648
649	/*
650	 * OK, now we're committed to doing something.
651	 */
652	s = splnet();
653	gencnt = ripcbinfo.ipi_gencnt;
654	n = ripcbinfo.ipi_count;
655	splx(s);
656
657	xig.xig_len = sizeof xig;
658	xig.xig_count = n;
659	xig.xig_gen = gencnt;
660	xig.xig_sogen = so_gencnt;
661	error = SYSCTL_OUT(req, &xig, sizeof xig);
662	if (error)
663		return error;
664
665	inp_list = malloc(n * sizeof *inp_list, M_TEMP, M_WAITOK);
666	if (inp_list == 0)
667		return ENOMEM;
668
669	s = splnet();
670	for (inp = LIST_FIRST(ripcbinfo.listhead), i = 0; inp && i < n;
671	     inp = LIST_NEXT(inp, inp_list)) {
672		if (inp->inp_gencnt <= gencnt) {
673			if (cr_canseesocket(req->td->td_ucred,
674			    inp->inp_socket))
675				continue;
676			inp_list[i++] = inp;
677		}
678	}
679	splx(s);
680	n = i;
681
682	error = 0;
683	for (i = 0; i < n; i++) {
684		inp = inp_list[i];
685		if (inp->inp_gencnt <= gencnt) {
686			struct xinpcb xi;
687			xi.xi_len = sizeof xi;
688			/* XXX should avoid extra copy */
689			bcopy(inp, &xi.xi_inp, sizeof *inp);
690			if (inp->inp_socket)
691				sotoxsocket(inp->inp_socket, &xi.xi_socket);
692			error = SYSCTL_OUT(req, &xi, sizeof xi);
693		}
694	}
695	if (!error) {
696		/*
697		 * Give the user an updated idea of our state.
698		 * If the generation differs from what we told
699		 * her before, she knows that something happened
700		 * while we were processing this request, and it
701		 * might be necessary to retry.
702		 */
703		s = splnet();
704		xig.xig_gen = ripcbinfo.ipi_gencnt;
705		xig.xig_sogen = so_gencnt;
706		xig.xig_count = ripcbinfo.ipi_count;
707		splx(s);
708		error = SYSCTL_OUT(req, &xig, sizeof xig);
709	}
710	free(inp_list, M_TEMP);
711	return error;
712}
713
714/*
715 * This is the wrapper function for in_setsockaddr.  We just pass down
716 * the pcbinfo for in_setpeeraddr to lock.
717 */
718static int
719rip_sockaddr(struct socket *so, struct sockaddr **nam)
720{
721	return (in_setsockaddr(so, nam, &ripcbinfo));
722}
723
724/*
725 * This is the wrapper function for in_setpeeraddr.  We just pass down
726 * the pcbinfo for in_setpeeraddr to lock.
727 */
728static int
729rip_peeraddr(struct socket *so, struct sockaddr **nam)
730{
731	return (in_setpeeraddr(so, nam, &ripcbinfo));
732}
733
734
735SYSCTL_PROC(_net_inet_raw, OID_AUTO/*XXX*/, pcblist, CTLFLAG_RD, 0, 0,
736	    rip_pcblist, "S,xinpcb", "List of active raw IP sockets");
737
738struct pr_usrreqs rip_usrreqs = {
739	rip_abort, pru_accept_notsupp, rip_attach, rip_bind, rip_connect,
740	pru_connect2_notsupp, in_control, rip_detach, rip_disconnect,
741	pru_listen_notsupp, rip_peeraddr, pru_rcvd_notsupp,
742	pru_rcvoob_notsupp, rip_send, pru_sense_null, rip_shutdown,
743	rip_sockaddr, sosend, soreceive, sopoll
744};
745