1/* 2 * Copyright (C) 2004, 2005, 2007, 2008, 2012 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 1999-2003 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18/* $Id$ */ 19 20#include <config.h> 21 22#include <sys/types.h> 23 24#if defined(HAVE_SYS_SYSCTL_H) 25#if defined(HAVE_SYS_PARAM_H) 26#include <sys/param.h> 27#endif 28#include <sys/sysctl.h> 29#endif 30 31#include <errno.h> 32#include <unistd.h> 33 34#include <isc/log.h> 35#include <isc/msgs.h> 36#include <isc/net.h> 37#include <isc/once.h> 38#include <isc/strerror.h> 39#include <isc/string.h> 40#include <isc/util.h> 41 42/*% 43 * Definitions about UDP port range specification. This is a total mess of 44 * portability variants: some use sysctl (but the sysctl names vary), some use 45 * system-specific interfaces, some have the same interface for IPv4 and IPv6, 46 * some separate them, etc... 47 */ 48 49/*% 50 * The last resort defaults: use all non well known port space 51 */ 52#ifndef ISC_NET_PORTRANGELOW 53#define ISC_NET_PORTRANGELOW 1024 54#endif /* ISC_NET_PORTRANGELOW */ 55#ifndef ISC_NET_PORTRANGEHIGH 56#define ISC_NET_PORTRANGEHIGH 65535 57#endif /* ISC_NET_PORTRANGEHIGH */ 58 59#ifdef HAVE_SYSCTLBYNAME 60 61/*% 62 * sysctl variants 63 */ 64#if defined(__FreeBSD__) || defined(__APPLE__) || defined(__DragonFly__) 65#define USE_SYSCTL_PORTRANGE 66#define SYSCTL_V4PORTRANGE_LOW "net.inet.ip.portrange.hifirst" 67#define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.portrange.hilast" 68#define SYSCTL_V6PORTRANGE_LOW "net.inet.ip.portrange.hifirst" 69#define SYSCTL_V6PORTRANGE_HIGH "net.inet.ip.portrange.hilast" 70#endif 71 72#ifdef __NetBSD__ 73#define USE_SYSCTL_PORTRANGE 74#define SYSCTL_V4PORTRANGE_LOW "net.inet.ip.anonportmin" 75#define SYSCTL_V4PORTRANGE_HIGH "net.inet.ip.anonportmax" 76#define SYSCTL_V6PORTRANGE_LOW "net.inet6.ip6.anonportmin" 77#define SYSCTL_V6PORTRANGE_HIGH "net.inet6.ip6.anonportmax" 78#endif 79 80#else /* !HAVE_SYSCTLBYNAME */ 81 82#ifdef __OpenBSD__ 83#define USE_SYSCTL_PORTRANGE 84#define SYSCTL_V4PORTRANGE_LOW { CTL_NET, PF_INET, IPPROTO_IP, \ 85 IPCTL_IPPORT_HIFIRSTAUTO } 86#define SYSCTL_V4PORTRANGE_HIGH { CTL_NET, PF_INET, IPPROTO_IP, \ 87 IPCTL_IPPORT_HILASTAUTO } 88/* Same for IPv6 */ 89#define SYSCTL_V6PORTRANGE_LOW SYSCTL_V4PORTRANGE_LOW 90#define SYSCTL_V6PORTRANGE_HIGH SYSCTL_V4PORTRANGE_HIGH 91#endif 92 93#endif /* HAVE_SYSCTLBYNAME */ 94 95#if defined(ISC_PLATFORM_HAVEIPV6) 96# if defined(ISC_PLATFORM_NEEDIN6ADDRANY) 97const struct in6_addr isc_net_in6addrany = IN6ADDR_ANY_INIT; 98# endif 99 100# if defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK) 101const struct in6_addr isc_net_in6addrloop = IN6ADDR_LOOPBACK_INIT; 102# endif 103 104# if defined(WANT_IPV6) 105static isc_once_t once_ipv6only = ISC_ONCE_INIT; 106# endif 107 108# if defined(ISC_PLATFORM_HAVEIN6PKTINFO) 109static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT; 110# endif 111#endif /* ISC_PLATFORM_HAVEIPV6 */ 112 113static isc_once_t once = ISC_ONCE_INIT; 114 115static isc_result_t ipv4_result = ISC_R_NOTFOUND; 116static isc_result_t ipv6_result = ISC_R_NOTFOUND; 117static isc_result_t unix_result = ISC_R_NOTFOUND; 118static isc_result_t ipv6only_result = ISC_R_NOTFOUND; 119static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND; 120 121static isc_result_t 122try_proto(int domain) { 123 int s; 124 isc_result_t result = ISC_R_SUCCESS; 125 char strbuf[ISC_STRERRORSIZE]; 126 127 s = socket(domain, SOCK_STREAM, 0); 128 if (s == -1) { 129 switch (errno) { 130#ifdef EAFNOSUPPORT 131 case EAFNOSUPPORT: 132#endif 133#ifdef EPROTONOSUPPORT 134 case EPROTONOSUPPORT: 135#endif 136#ifdef EINVAL 137 case EINVAL: 138#endif 139 return (ISC_R_NOTFOUND); 140 default: 141 isc__strerror(errno, strbuf, sizeof(strbuf)); 142 UNEXPECTED_ERROR(__FILE__, __LINE__, 143 "socket() %s: %s", 144 isc_msgcat_get(isc_msgcat, 145 ISC_MSGSET_GENERAL, 146 ISC_MSG_FAILED, 147 "failed"), 148 strbuf); 149 return (ISC_R_UNEXPECTED); 150 } 151 } 152 153#ifdef ISC_PLATFORM_HAVEIPV6 154#ifdef WANT_IPV6 155#ifdef ISC_PLATFORM_HAVEIN6PKTINFO 156 if (domain == PF_INET6) { 157 struct sockaddr_in6 sin6; 158 unsigned int len; 159 160 /* 161 * Check to see if IPv6 is broken, as is common on Linux. 162 */ 163 len = sizeof(sin6); 164 if (getsockname(s, (struct sockaddr *)&sin6, (void *)&len) < 0) 165 { 166 isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, 167 ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, 168 "retrieving the address of an IPv6 " 169 "socket from the kernel failed."); 170 isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL, 171 ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR, 172 "IPv6 is not supported."); 173 result = ISC_R_NOTFOUND; 174 } else { 175 if (len == sizeof(struct sockaddr_in6)) 176 result = ISC_R_SUCCESS; 177 else { 178 isc_log_write(isc_lctx, 179 ISC_LOGCATEGORY_GENERAL, 180 ISC_LOGMODULE_SOCKET, 181 ISC_LOG_ERROR, 182 "IPv6 structures in kernel and " 183 "user space do not match."); 184 isc_log_write(isc_lctx, 185 ISC_LOGCATEGORY_GENERAL, 186 ISC_LOGMODULE_SOCKET, 187 ISC_LOG_ERROR, 188 "IPv6 is not supported."); 189 result = ISC_R_NOTFOUND; 190 } 191 } 192 } 193#endif 194#endif 195#endif 196 197 (void)close(s); 198 199 return (result); 200} 201 202static void 203initialize_action(void) { 204 ipv4_result = try_proto(PF_INET); 205#ifdef ISC_PLATFORM_HAVEIPV6 206#ifdef WANT_IPV6 207#ifdef ISC_PLATFORM_HAVEIN6PKTINFO 208 ipv6_result = try_proto(PF_INET6); 209#endif 210#endif 211#endif 212#ifdef ISC_PLATFORM_HAVESYSUNH 213 unix_result = try_proto(PF_UNIX); 214#endif 215} 216 217static void 218initialize(void) { 219 RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS); 220} 221 222isc_result_t 223isc_net_probeipv4(void) { 224 initialize(); 225 return (ipv4_result); 226} 227 228isc_result_t 229isc_net_probeipv6(void) { 230 initialize(); 231 return (ipv6_result); 232} 233 234isc_result_t 235isc_net_probeunix(void) { 236 initialize(); 237 return (unix_result); 238} 239 240#ifdef ISC_PLATFORM_HAVEIPV6 241#ifdef WANT_IPV6 242static void 243try_ipv6only(void) { 244#ifdef IPV6_V6ONLY 245 int s, on; 246 char strbuf[ISC_STRERRORSIZE]; 247#endif 248 isc_result_t result; 249 250 result = isc_net_probeipv6(); 251 if (result != ISC_R_SUCCESS) { 252 ipv6only_result = result; 253 return; 254 } 255 256#ifndef IPV6_V6ONLY 257 ipv6only_result = ISC_R_NOTFOUND; 258 return; 259#else 260 /* check for TCP sockets */ 261 s = socket(PF_INET6, SOCK_STREAM, 0); 262 if (s == -1) { 263 isc__strerror(errno, strbuf, sizeof(strbuf)); 264 UNEXPECTED_ERROR(__FILE__, __LINE__, 265 "socket() %s: %s", 266 isc_msgcat_get(isc_msgcat, 267 ISC_MSGSET_GENERAL, 268 ISC_MSG_FAILED, 269 "failed"), 270 strbuf); 271 ipv6only_result = ISC_R_UNEXPECTED; 272 return; 273 } 274 275 on = 1; 276 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { 277 ipv6only_result = ISC_R_NOTFOUND; 278 goto close; 279 } 280 281 close(s); 282 283 /* check for UDP sockets */ 284 s = socket(PF_INET6, SOCK_DGRAM, 0); 285 if (s == -1) { 286 isc__strerror(errno, strbuf, sizeof(strbuf)); 287 UNEXPECTED_ERROR(__FILE__, __LINE__, 288 "socket() %s: %s", 289 isc_msgcat_get(isc_msgcat, 290 ISC_MSGSET_GENERAL, 291 ISC_MSG_FAILED, 292 "failed"), 293 strbuf); 294 ipv6only_result = ISC_R_UNEXPECTED; 295 return; 296 } 297 298 on = 1; 299 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { 300 ipv6only_result = ISC_R_NOTFOUND; 301 goto close; 302 } 303 304 close(s); 305 306 ipv6only_result = ISC_R_SUCCESS; 307 308close: 309 close(s); 310 return; 311#endif /* IPV6_V6ONLY */ 312} 313 314static void 315initialize_ipv6only(void) { 316 RUNTIME_CHECK(isc_once_do(&once_ipv6only, 317 try_ipv6only) == ISC_R_SUCCESS); 318} 319#endif /* WANT_IPV6 */ 320 321#ifdef ISC_PLATFORM_HAVEIN6PKTINFO 322static void 323try_ipv6pktinfo(void) { 324 int s, on; 325 char strbuf[ISC_STRERRORSIZE]; 326 isc_result_t result; 327 int optname; 328 329 result = isc_net_probeipv6(); 330 if (result != ISC_R_SUCCESS) { 331 ipv6pktinfo_result = result; 332 return; 333 } 334 335 /* we only use this for UDP sockets */ 336 s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP); 337 if (s == -1) { 338 isc__strerror(errno, strbuf, sizeof(strbuf)); 339 UNEXPECTED_ERROR(__FILE__, __LINE__, 340 "socket() %s: %s", 341 isc_msgcat_get(isc_msgcat, 342 ISC_MSGSET_GENERAL, 343 ISC_MSG_FAILED, 344 "failed"), 345 strbuf); 346 ipv6pktinfo_result = ISC_R_UNEXPECTED; 347 return; 348 } 349 350#ifdef IPV6_RECVPKTINFO 351 optname = IPV6_RECVPKTINFO; 352#else 353 optname = IPV6_PKTINFO; 354#endif 355 on = 1; 356 if (setsockopt(s, IPPROTO_IPV6, optname, &on, sizeof(on)) < 0) { 357 ipv6pktinfo_result = ISC_R_NOTFOUND; 358 goto close; 359 } 360 361 close(s); 362 ipv6pktinfo_result = ISC_R_SUCCESS; 363 364close: 365 close(s); 366 return; 367} 368 369static void 370initialize_ipv6pktinfo(void) { 371 RUNTIME_CHECK(isc_once_do(&once_ipv6pktinfo, 372 try_ipv6pktinfo) == ISC_R_SUCCESS); 373} 374#endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ 375#endif /* ISC_PLATFORM_HAVEIPV6 */ 376 377isc_result_t 378isc_net_probe_ipv6only(void) { 379#ifdef ISC_PLATFORM_HAVEIPV6 380#ifdef WANT_IPV6 381 initialize_ipv6only(); 382#else 383 ipv6only_result = ISC_R_NOTFOUND; 384#endif 385#endif 386 return (ipv6only_result); 387} 388 389isc_result_t 390isc_net_probe_ipv6pktinfo(void) { 391#ifdef ISC_PLATFORM_HAVEIPV6 392#ifdef ISC_PLATFORM_HAVEIN6PKTINFO 393#ifdef WANT_IPV6 394 initialize_ipv6pktinfo(); 395#else 396 ipv6pktinfo_result = ISC_R_NOTFOUND; 397#endif 398#endif 399#endif 400 return (ipv6pktinfo_result); 401} 402 403#if defined(USE_SYSCTL_PORTRANGE) 404#if defined(HAVE_SYSCTLBYNAME) 405static isc_result_t 406getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) { 407 int port_low, port_high; 408 size_t portlen; 409 const char *sysctlname_lowport, *sysctlname_hiport; 410 411 if (af == AF_INET) { 412 sysctlname_lowport = SYSCTL_V4PORTRANGE_LOW; 413 sysctlname_hiport = SYSCTL_V4PORTRANGE_HIGH; 414 } else { 415 sysctlname_lowport = SYSCTL_V6PORTRANGE_LOW; 416 sysctlname_hiport = SYSCTL_V6PORTRANGE_HIGH; 417 } 418 portlen = sizeof(portlen); 419 if (sysctlbyname(sysctlname_lowport, &port_low, &portlen, 420 NULL, 0) < 0) { 421 return (ISC_R_FAILURE); 422 } 423 portlen = sizeof(portlen); 424 if (sysctlbyname(sysctlname_hiport, &port_high, &portlen, 425 NULL, 0) < 0) { 426 return (ISC_R_FAILURE); 427 } 428 if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0) 429 return (ISC_R_RANGE); 430 431 *low = (in_port_t)port_low; 432 *high = (in_port_t)port_high; 433 434 return (ISC_R_SUCCESS); 435} 436#else /* !HAVE_SYSCTLBYNAME */ 437static isc_result_t 438getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) { 439 int mib_lo4[4] = SYSCTL_V4PORTRANGE_LOW; 440 int mib_hi4[4] = SYSCTL_V4PORTRANGE_HIGH; 441 int mib_lo6[4] = SYSCTL_V6PORTRANGE_LOW; 442 int mib_hi6[4] = SYSCTL_V6PORTRANGE_HIGH; 443 int *mib_lo, *mib_hi, miblen; 444 int port_low, port_high; 445 size_t portlen; 446 447 if (af == AF_INET) { 448 mib_lo = mib_lo4; 449 mib_hi = mib_hi4; 450 miblen = sizeof(mib_lo4) / sizeof(mib_lo4[0]); 451 } else { 452 mib_lo = mib_lo6; 453 mib_hi = mib_hi6; 454 miblen = sizeof(mib_lo6) / sizeof(mib_lo6[0]); 455 } 456 457 portlen = sizeof(portlen); 458 if (sysctl(mib_lo, miblen, &port_low, &portlen, NULL, 0) < 0) { 459 return (ISC_R_FAILURE); 460 } 461 462 portlen = sizeof(portlen); 463 if (sysctl(mib_hi, miblen, &port_high, &portlen, NULL, 0) < 0) { 464 return (ISC_R_FAILURE); 465 } 466 467 if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0) 468 return (ISC_R_RANGE); 469 470 *low = (in_port_t) port_low; 471 *high = (in_port_t) port_high; 472 473 return (ISC_R_SUCCESS); 474} 475#endif /* HAVE_SYSCTLBYNAME */ 476#endif /* USE_SYSCTL_PORTRANGE */ 477 478isc_result_t 479isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high) { 480 int result = ISC_R_FAILURE; 481 482 REQUIRE(low != NULL && high != NULL); 483 484#if defined(USE_SYSCTL_PORTRANGE) 485 result = getudpportrange_sysctl(af, low, high); 486#else 487 UNUSED(af); 488#endif 489 490 if (result != ISC_R_SUCCESS) { 491 *low = ISC_NET_PORTRANGELOW; 492 *high = ISC_NET_PORTRANGEHIGH; 493 } 494 495 return (ISC_R_SUCCESS); /* we currently never fail in this function */ 496} 497 498void 499isc_net_disableipv4(void) { 500 initialize(); 501 if (ipv4_result == ISC_R_SUCCESS) 502 ipv4_result = ISC_R_DISABLED; 503} 504 505void 506isc_net_disableipv6(void) { 507 initialize(); 508 if (ipv6_result == ISC_R_SUCCESS) 509 ipv6_result = ISC_R_DISABLED; 510} 511 512void 513isc_net_enableipv4(void) { 514 initialize(); 515 if (ipv4_result == ISC_R_DISABLED) 516 ipv4_result = ISC_R_SUCCESS; 517} 518 519void 520isc_net_enableipv6(void) { 521 initialize(); 522 if (ipv6_result == ISC_R_DISABLED) 523 ipv6_result = ISC_R_SUCCESS; 524} 525