File: | netinet/ip_output.c |
Warning: | line 665, column 6 Branch condition evaluates to a garbage value |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: ip_output.c,v 1.392 2023/12/01 15:30:47 bluhm Exp $ */ | |||
2 | /* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */ | |||
3 | ||||
4 | /* | |||
5 | * Copyright (c) 1982, 1986, 1988, 1990, 1993 | |||
6 | * The Regents of the University of California. All rights reserved. | |||
7 | * | |||
8 | * Redistribution and use in source and binary forms, with or without | |||
9 | * modification, are permitted provided that the following conditions | |||
10 | * are met: | |||
11 | * 1. Redistributions of source code must retain the above copyright | |||
12 | * notice, this list of conditions and the following disclaimer. | |||
13 | * 2. Redistributions in binary form must reproduce the above copyright | |||
14 | * notice, this list of conditions and the following disclaimer in the | |||
15 | * documentation and/or other materials provided with the distribution. | |||
16 | * 3. Neither the name of the University nor the names of its contributors | |||
17 | * may be used to endorse or promote products derived from this software | |||
18 | * without specific prior written permission. | |||
19 | * | |||
20 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |||
21 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |||
22 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |||
23 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |||
24 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |||
25 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |||
26 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |||
27 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |||
28 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |||
29 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |||
30 | * SUCH DAMAGE. | |||
31 | * | |||
32 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 | |||
33 | */ | |||
34 | ||||
35 | #include "pf.h" | |||
36 | ||||
37 | #include <sys/param.h> | |||
38 | #include <sys/systm.h> | |||
39 | #include <sys/mbuf.h> | |||
40 | #include <sys/protosw.h> | |||
41 | #include <sys/socket.h> | |||
42 | #include <sys/socketvar.h> | |||
43 | #include <sys/proc.h> | |||
44 | #include <sys/kernel.h> | |||
45 | ||||
46 | #include <net/if.h> | |||
47 | #include <net/if_var.h> | |||
48 | #include <net/if_enc.h> | |||
49 | #include <net/route.h> | |||
50 | ||||
51 | #include <netinet/in.h> | |||
52 | #include <netinet/ip.h> | |||
53 | #include <netinet/in_pcb.h> | |||
54 | #include <netinet/in_var.h> | |||
55 | #include <netinet/ip_var.h> | |||
56 | #include <netinet/ip_icmp.h> | |||
57 | #include <netinet/tcp.h> | |||
58 | #include <netinet/udp.h> | |||
59 | #include <netinet/tcp_timer.h> | |||
60 | #include <netinet/tcp_var.h> | |||
61 | #include <netinet/udp_var.h> | |||
62 | ||||
63 | #if NPF1 > 0 | |||
64 | #include <net/pfvar.h> | |||
65 | #endif | |||
66 | ||||
67 | #ifdef IPSEC1 | |||
68 | #ifdef ENCDEBUG | |||
69 | #define DPRINTF(fmt, args...)do { } while (0) \ | |||
70 | do { \ | |||
71 | if (encdebug) \ | |||
72 | printf("%s: " fmt "\n", __func__, ## args); \ | |||
73 | } while (0) | |||
74 | #else | |||
75 | #define DPRINTF(fmt, args...)do { } while (0) \ | |||
76 | do { } while (0) | |||
77 | #endif | |||
78 | #endif /* IPSEC */ | |||
79 | ||||
80 | int ip_pcbopts(struct mbuf **, struct mbuf *); | |||
81 | int ip_multicast_if(struct ip_mreqn *, u_int, unsigned int *); | |||
82 | int ip_setmoptions(int, struct ip_moptions **, struct mbuf *, u_int); | |||
83 | void ip_mloopback(struct ifnet *, struct mbuf *, struct sockaddr_in *); | |||
84 | static u_int16_t in_cksum_phdr(u_int32_t, u_int32_t, u_int32_t); | |||
85 | void in_delayed_cksum(struct mbuf *); | |||
86 | ||||
87 | int ip_output_ipsec_lookup(struct mbuf *m, int hlen, const u_char seclevel[], | |||
88 | struct tdb **, int ipsecflowinfo); | |||
89 | void ip_output_ipsec_pmtu_update(struct tdb *, struct route *, struct in_addr, | |||
90 | int, int); | |||
91 | int ip_output_ipsec_send(struct tdb *, struct mbuf *, struct route *, int); | |||
92 | ||||
93 | /* | |||
94 | * IP output. The packet in mbuf chain m contains a skeletal IP | |||
95 | * header (with len, off, ttl, proto, tos, src, dst). | |||
96 | * The mbuf chain containing the packet will be freed. | |||
97 | * The mbuf opt, if present, will not be freed. | |||
98 | */ | |||
99 | int | |||
100 | ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags, | |||
101 | struct ip_moptions *imo, const u_char seclevel[], u_int32_t ipsecflowinfo) | |||
102 | { | |||
103 | struct ip *ip; | |||
104 | struct ifnet *ifp = NULL((void *)0); | |||
105 | struct mbuf_list ml; | |||
106 | int hlen = sizeof (struct ip); | |||
107 | int error = 0; | |||
108 | struct route iproute; | |||
109 | struct sockaddr_in *dst; | |||
110 | struct tdb *tdb = NULL((void *)0); | |||
111 | u_long mtu; | |||
112 | #if NPF1 > 0 | |||
113 | u_int orig_rtableid; | |||
114 | #endif | |||
115 | ||||
116 | NET_ASSERT_LOCKED()do { int _s = rw_status(&netlock); if ((splassert_ctl > 0) && (_s != 0x0001UL && _s != 0x0002UL)) splassert_fail (0x0002UL, _s, __func__); } while (0); | |||
| ||||
117 | ||||
118 | #ifdef DIAGNOSTIC1 | |||
119 | if ((m->m_flagsm_hdr.mh_flags & M_PKTHDR0x0002) == 0) | |||
120 | panic("ip_output no HDR"); | |||
121 | #endif | |||
122 | if (opt) | |||
123 | m = ip_insertoptions(m, opt, &hlen); | |||
124 | ||||
125 | ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
126 | ||||
127 | /* | |||
128 | * Fill in IP header. | |||
129 | */ | |||
130 | if ((flags & (IP_FORWARDING0x1|IP_RAWOUTPUT0x2)) == 0) { | |||
131 | ip->ip_v = IPVERSION4; | |||
132 | ip->ip_off &= htons(IP_DF)(__uint16_t)(__builtin_constant_p(0x4000) ? (__uint16_t)(((__uint16_t )(0x4000) & 0xffU) << 8 | ((__uint16_t)(0x4000) & 0xff00U) >> 8) : __swap16md(0x4000)); | |||
133 | ip->ip_id = htons(ip_randomid())(__uint16_t)(__builtin_constant_p(ip_randomid()) ? (__uint16_t )(((__uint16_t)(ip_randomid()) & 0xffU) << 8 | ((__uint16_t )(ip_randomid()) & 0xff00U) >> 8) : __swap16md(ip_randomid ())); | |||
134 | ip->ip_hl = hlen >> 2; | |||
135 | ipstat_inc(ips_localout); | |||
136 | } else { | |||
137 | hlen = ip->ip_hl << 2; | |||
138 | } | |||
139 | ||||
140 | /* | |||
141 | * We should not send traffic to 0/8 say both Stevens and RFCs | |||
142 | * 5735 section 3 and 1122 sections 3.2.1.3 and 3.3.6. | |||
143 | */ | |||
144 | if ((ntohl(ip->ip_dst.s_addr)(__uint32_t)(__builtin_constant_p(ip->ip_dst.s_addr) ? (__uint32_t )(((__uint32_t)(ip->ip_dst.s_addr) & 0xff) << 24 | ((__uint32_t)(ip->ip_dst.s_addr) & 0xff00) << 8 | ((__uint32_t)(ip->ip_dst.s_addr) & 0xff0000) >> 8 | ((__uint32_t)(ip->ip_dst.s_addr) & 0xff000000) >> 24) : __swap32md(ip->ip_dst.s_addr)) >> IN_CLASSA_NSHIFT24) == 0) { | |||
145 | error = ENETUNREACH51; | |||
146 | goto bad; | |||
147 | } | |||
148 | ||||
149 | #if NPF1 > 0 | |||
150 | orig_rtableid = m->m_pkthdrM_dat.MH.MH_pkthdr.ph_rtableid; | |||
151 | reroute: | |||
152 | #endif | |||
153 | ||||
154 | /* | |||
155 | * Do a route lookup now in case we need the source address to | |||
156 | * do an SPD lookup in IPsec; for most packets, the source address | |||
157 | * is set at a higher level protocol. ICMPs and other packets | |||
158 | * though (e.g., traceroute) have a source address of zeroes. | |||
159 | */ | |||
160 | if (ro == NULL((void *)0)) { | |||
161 | ro = &iproute; | |||
162 | memset(ro, 0, sizeof(*ro))__builtin_memset((ro), (0), (sizeof(*ro))); | |||
163 | } | |||
164 | ||||
165 | dst = satosin(&ro->ro_dst); | |||
166 | ||||
167 | /* | |||
168 | * If there is a cached route, check that it is to the same | |||
169 | * destination and is still up. If not, free it and try again. | |||
170 | */ | |||
171 | if (!rtisvalid(ro->ro_rt) || | |||
172 | dst->sin_addr.s_addr != ip->ip_dst.s_addr || | |||
173 | ro->ro_tableid != m->m_pkthdrM_dat.MH.MH_pkthdr.ph_rtableid) { | |||
174 | rtfree(ro->ro_rt); | |||
175 | ro->ro_rt = NULL((void *)0); | |||
176 | } | |||
177 | ||||
178 | if (ro->ro_rt == NULL((void *)0)) { | |||
179 | dst->sin_family = AF_INET2; | |||
180 | dst->sin_len = sizeof(*dst); | |||
181 | dst->sin_addr = ip->ip_dst; | |||
182 | ro->ro_tableid = m->m_pkthdrM_dat.MH.MH_pkthdr.ph_rtableid; | |||
183 | } | |||
184 | ||||
185 | if ((IN_MULTICAST(ip->ip_dst.s_addr)(((u_int32_t)(ip->ip_dst.s_addr) & ((u_int32_t) (__uint32_t )(__builtin_constant_p((u_int32_t)(0xf0000000)) ? (__uint32_t )(((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xf0000000))))) == ((u_int32_t ) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xe0000000)) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff ) << 24 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff00 ) << 8 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff0000 ) >> 8 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff000000 ) >> 24) : __swap32md((u_int32_t)(0xe0000000))))) || | |||
186 | (ip->ip_dst.s_addr == INADDR_BROADCAST((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xffffffff )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xffffffff) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xffffffff )))))) && | |||
187 | imo != NULL((void *)0) && (ifp = if_get(imo->imo_ifidx)) != NULL((void *)0)) { | |||
188 | ||||
189 | mtu = ifp->if_mtuif_data.ifi_mtu; | |||
190 | if (ip->ip_src.s_addr == INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 ))))) { | |||
191 | struct in_ifaddr *ia; | |||
192 | ||||
193 | IFP_TO_IA(ifp, ia)do { struct ifaddr *ifa; do { int _s = rw_status(&netlock ); if ((splassert_ctl > 0) && (_s != 0x0001UL && _s != 0x0002UL)) splassert_fail(0x0002UL, _s, __func__); } while (0); for((ifa) = ((&(ifp)->if_addrlist)->tqh_first ); (ifa) != ((void *)0); (ifa) = ((ifa)->ifa_list.tqe_next )) { if (ifa->ifa_addr->sa_family == 2) break; } (ia) = ifatoia(ifa); } while ( 0); | |||
194 | if (ia != NULL((void *)0)) | |||
195 | ip->ip_src = ia->ia_addr.sin_addr; | |||
196 | } | |||
197 | } else { | |||
198 | struct in_ifaddr *ia; | |||
199 | ||||
200 | if (ro->ro_rt
| |||
201 | ro->ro_rt = rtalloc_mpath(&ro->ro_dst, | |||
202 | &ip->ip_src.s_addr, ro->ro_tableid); | |||
203 | ||||
204 | if (ro->ro_rt
| |||
205 | ipstat_inc(ips_noroute); | |||
206 | error = EHOSTUNREACH65; | |||
207 | goto bad; | |||
208 | } | |||
209 | ||||
210 | ia = ifatoia(ro->ro_rt->rt_ifa); | |||
211 | if (ISSET(ro->ro_rt->rt_flags, RTF_LOCAL)((ro->ro_rt->rt_flags) & (0x200000))) | |||
212 | ifp = if_get(rtable_loindex(m->m_pkthdrM_dat.MH.MH_pkthdr.ph_rtableid)); | |||
213 | else | |||
214 | ifp = if_get(ro->ro_rt->rt_ifidx); | |||
215 | /* | |||
216 | * We aren't using rtisvalid() here because the UP/DOWN state | |||
217 | * machine is broken with some Ethernet drivers like em(4). | |||
218 | * As a result we might try to use an invalid cached route | |||
219 | * entry while an interface is being detached. | |||
220 | */ | |||
221 | if (ifp == NULL((void *)0)) { | |||
222 | ipstat_inc(ips_noroute); | |||
223 | error = EHOSTUNREACH65; | |||
224 | goto bad; | |||
225 | } | |||
226 | if ((mtu = ro->ro_rt->rt_mturt_rmx.rmx_mtu) == 0) | |||
227 | mtu = ifp->if_mtuif_data.ifi_mtu; | |||
228 | ||||
229 | if (ro->ro_rt->rt_flags & RTF_GATEWAY0x2) | |||
230 | dst = satosin(ro->ro_rt->rt_gateway); | |||
231 | ||||
232 | /* Set the source IP address */ | |||
233 | if (ip->ip_src.s_addr == INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 )))) && ia) | |||
234 | ip->ip_src = ia->ia_addr.sin_addr; | |||
235 | } | |||
236 | ||||
237 | #ifdef IPSEC1 | |||
238 | if (ipsec_in_use || seclevel != NULL((void *)0)) { | |||
239 | /* Do we have any pending SAs to apply ? */ | |||
240 | error = ip_output_ipsec_lookup(m, hlen, seclevel, &tdb, | |||
241 | ipsecflowinfo); | |||
242 | if (error
| |||
243 | /* Should silently drop packet */ | |||
244 | if (error == -EINVAL22) | |||
245 | error = 0; | |||
246 | goto bad; | |||
247 | } | |||
248 | if (tdb
| |||
249 | /* | |||
250 | * If it needs TCP/UDP hardware-checksumming, do the | |||
251 | * computation now. | |||
252 | */ | |||
253 | in_proto_cksum_out(m, NULL((void *)0)); | |||
254 | } | |||
255 | } | |||
256 | #endif /* IPSEC */ | |||
257 | ||||
258 | if (IN_MULTICAST(ip->ip_dst.s_addr)(((u_int32_t)(ip->ip_dst.s_addr) & ((u_int32_t) (__uint32_t )(__builtin_constant_p((u_int32_t)(0xf0000000)) ? (__uint32_t )(((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xf0000000))))) == ((u_int32_t ) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xe0000000)) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff ) << 24 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff00 ) << 8 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff0000 ) >> 8 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff000000 ) >> 24) : __swap32md((u_int32_t)(0xe0000000))))) || | |||
259 | (ip->ip_dst.s_addr == INADDR_BROADCAST((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xffffffff )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xffffffff) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xffffffff )))))) { | |||
260 | ||||
261 | m->m_flagsm_hdr.mh_flags |= (ip->ip_dst.s_addr == INADDR_BROADCAST((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xffffffff )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xffffffff) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xffffffff ))))) ? | |||
262 | M_BCAST0x0100 : M_MCAST0x0200; | |||
263 | ||||
264 | /* | |||
265 | * IP destination address is multicast. Make sure "dst" | |||
266 | * still points to the address in "ro". (It may have been | |||
267 | * changed to point to a gateway address, above.) | |||
268 | */ | |||
269 | dst = satosin(&ro->ro_dst); | |||
270 | ||||
271 | /* | |||
272 | * See if the caller provided any multicast options | |||
273 | */ | |||
274 | if (imo != NULL((void *)0)) | |||
275 | ip->ip_ttl = imo->imo_ttl; | |||
276 | else | |||
277 | ip->ip_ttl = IP_DEFAULT_MULTICAST_TTL1; | |||
278 | ||||
279 | /* | |||
280 | * if we don't know the outgoing ifp yet, we can't generate | |||
281 | * output | |||
282 | */ | |||
283 | if (!ifp) { | |||
284 | ipstat_inc(ips_noroute); | |||
285 | error = EHOSTUNREACH65; | |||
286 | goto bad; | |||
287 | } | |||
288 | ||||
289 | /* | |||
290 | * Confirm that the outgoing interface supports multicast, | |||
291 | * but only if the packet actually is going out on that | |||
292 | * interface (i.e., no IPsec is applied). | |||
293 | */ | |||
294 | if ((((m->m_flagsm_hdr.mh_flags & M_MCAST0x0200) && | |||
295 | (ifp->if_flags & IFF_MULTICAST0x8000) == 0) || | |||
296 | ((m->m_flagsm_hdr.mh_flags & M_BCAST0x0100) && | |||
297 | (ifp->if_flags & IFF_BROADCAST0x2) == 0)) && (tdb == NULL((void *)0))) { | |||
298 | ipstat_inc(ips_noroute); | |||
299 | error = ENETUNREACH51; | |||
300 | goto bad; | |||
301 | } | |||
302 | ||||
303 | /* | |||
304 | * If source address not specified yet, use address | |||
305 | * of outgoing interface. | |||
306 | */ | |||
307 | if (ip->ip_src.s_addr == INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 ))))) { | |||
308 | struct in_ifaddr *ia; | |||
309 | ||||
310 | IFP_TO_IA(ifp, ia)do { struct ifaddr *ifa; do { int _s = rw_status(&netlock ); if ((splassert_ctl > 0) && (_s != 0x0001UL && _s != 0x0002UL)) splassert_fail(0x0002UL, _s, __func__); } while (0); for((ifa) = ((&(ifp)->if_addrlist)->tqh_first ); (ifa) != ((void *)0); (ifa) = ((ifa)->ifa_list.tqe_next )) { if (ifa->ifa_addr->sa_family == 2) break; } (ia) = ifatoia(ifa); } while ( 0); | |||
311 | if (ia != NULL((void *)0)) | |||
312 | ip->ip_src = ia->ia_addr.sin_addr; | |||
313 | } | |||
314 | ||||
315 | if ((imo == NULL((void *)0) || imo->imo_loop) && | |||
316 | in_hasmulti(&ip->ip_dst, ifp)) { | |||
317 | /* | |||
318 | * If we belong to the destination multicast group | |||
319 | * on the outgoing interface, and the caller did not | |||
320 | * forbid loopback, loop back a copy. | |||
321 | * Can't defer TCP/UDP checksumming, do the | |||
322 | * computation now. | |||
323 | */ | |||
324 | in_proto_cksum_out(m, NULL((void *)0)); | |||
325 | ip_mloopback(ifp, m, dst); | |||
326 | } | |||
327 | #ifdef MROUTING1 | |||
328 | else { | |||
329 | /* | |||
330 | * If we are acting as a multicast router, perform | |||
331 | * multicast forwarding as if the packet had just | |||
332 | * arrived on the interface to which we are about | |||
333 | * to send. The multicast forwarding function | |||
334 | * recursively calls this function, using the | |||
335 | * IP_FORWARDING flag to prevent infinite recursion. | |||
336 | * | |||
337 | * Multicasts that are looped back by ip_mloopback(), | |||
338 | * above, will be forwarded by the ip_input() routine, | |||
339 | * if necessary. | |||
340 | */ | |||
341 | if (ipmforwarding && ip_mrouter[ifp->if_rdomainif_data.ifi_rdomain] && | |||
342 | (flags & IP_FORWARDING0x1) == 0) { | |||
343 | int rv; | |||
344 | ||||
345 | KERNEL_LOCK()_kernel_lock(); | |||
346 | rv = ip_mforward(m, ifp); | |||
347 | KERNEL_UNLOCK()_kernel_unlock(); | |||
348 | if (rv != 0) | |||
349 | goto bad; | |||
350 | } | |||
351 | } | |||
352 | #endif | |||
353 | /* | |||
354 | * Multicasts with a time-to-live of zero may be looped- | |||
355 | * back, above, but must not be transmitted on a network. | |||
356 | * Also, multicasts addressed to the loopback interface | |||
357 | * are not sent -- the above call to ip_mloopback() will | |||
358 | * loop back a copy if this host actually belongs to the | |||
359 | * destination group on the loopback interface. | |||
360 | */ | |||
361 | if (ip->ip_ttl == 0 || (ifp->if_flags & IFF_LOOPBACK0x8) != 0) | |||
362 | goto bad; | |||
363 | ||||
364 | goto sendit; | |||
365 | } | |||
366 | ||||
367 | /* | |||
368 | * Look for broadcast address and verify user is allowed to send | |||
369 | * such a packet; if the packet is going in an IPsec tunnel, skip | |||
370 | * this check. | |||
371 | */ | |||
372 | if ((tdb
)) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xffffffff)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xffffffff) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xffffffff ))))) || | |||
373 | (ro && ro->ro_rt && ISSET(ro->ro_rt->rt_flags, RTF_BROADCAST)((ro->ro_rt->rt_flags) & (0x400000))))) { | |||
374 | if ((ifp->if_flags & IFF_BROADCAST0x2) == 0) { | |||
375 | error = EADDRNOTAVAIL49; | |||
376 | goto bad; | |||
377 | } | |||
378 | if ((flags & IP_ALLOWBROADCAST0x0020) == 0) { | |||
379 | error = EACCES13; | |||
380 | goto bad; | |||
381 | } | |||
382 | ||||
383 | /* Don't allow broadcast messages to be fragmented */ | |||
384 | if (ntohs(ip->ip_len)(__uint16_t)(__builtin_constant_p(ip->ip_len) ? (__uint16_t )(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t )(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip-> ip_len)) > ifp->if_mtuif_data.ifi_mtu) { | |||
385 | error = EMSGSIZE40; | |||
386 | goto bad; | |||
387 | } | |||
388 | m->m_flagsm_hdr.mh_flags |= M_BCAST0x0100; | |||
389 | } else | |||
390 | m->m_flagsm_hdr.mh_flags &= ~M_BCAST0x0100; | |||
391 | ||||
392 | sendit: | |||
393 | /* | |||
394 | * If we're doing Path MTU discovery, we need to set DF unless | |||
395 | * the route's MTU is locked. | |||
396 | */ | |||
397 | if ((flags & IP_MTUDISC0x0800) && ro && ro->ro_rt && | |||
398 | (ro->ro_rt->rt_locksrt_rmx.rmx_locks & RTV_MTU0x1) == 0) | |||
399 | ip->ip_off |= htons(IP_DF)(__uint16_t)(__builtin_constant_p(0x4000) ? (__uint16_t)(((__uint16_t )(0x4000) & 0xffU) << 8 | ((__uint16_t)(0x4000) & 0xff00U) >> 8) : __swap16md(0x4000)); | |||
400 | ||||
401 | #ifdef IPSEC1 | |||
402 | /* | |||
403 | * Check if the packet needs encapsulation. | |||
404 | */ | |||
405 | if (tdb
| |||
406 | /* Callee frees mbuf */ | |||
407 | error = ip_output_ipsec_send(tdb, m, ro, | |||
408 | (flags & IP_FORWARDING0x1) ? 1 : 0); | |||
409 | goto done; | |||
410 | } | |||
411 | #endif /* IPSEC */ | |||
412 | ||||
413 | /* | |||
414 | * Packet filter | |||
415 | */ | |||
416 | #if NPF1 > 0 | |||
417 | if (pf_test(AF_INET2, (flags & IP_FORWARDING0x1) ? PF_FWD : PF_OUT, | |||
418 | ifp, &m) != PF_PASS) { | |||
419 | error = EACCES13; | |||
420 | goto bad; | |||
421 | } | |||
422 | if (m == NULL((void *)0)) | |||
423 | goto done; | |||
424 | ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
425 | hlen = ip->ip_hl << 2; | |||
426 | if ((m->m_pkthdrM_dat.MH.MH_pkthdr.pf.flags & (PF_TAG_REROUTE0x20 | PF_TAG_GENERATED0x01)) == | |||
427 | (PF_TAG_REROUTE0x20 | PF_TAG_GENERATED0x01)) | |||
428 | /* already rerun the route lookup, go on */ | |||
429 | m->m_pkthdrM_dat.MH.MH_pkthdr.pf.flags &= ~(PF_TAG_GENERATED0x01 | PF_TAG_REROUTE0x20); | |||
430 | else if (m->m_pkthdrM_dat.MH.MH_pkthdr.pf.flags & PF_TAG_REROUTE0x20) { | |||
431 | /* tag as generated to skip over pf_test on rerun */ | |||
432 | m->m_pkthdrM_dat.MH.MH_pkthdr.pf.flags |= PF_TAG_GENERATED0x01; | |||
433 | ro = NULL((void *)0); | |||
434 | if_put(ifp); /* drop reference since target changed */ | |||
435 | ifp = NULL((void *)0); | |||
436 | goto reroute; | |||
437 | } | |||
438 | #endif | |||
439 | ||||
440 | #ifdef IPSEC1 | |||
441 | if (ipsec_in_use && (flags & IP_FORWARDING0x1) && (ipforwarding == 2) && | |||
442 | (m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE0x0001, NULL((void *)0)) == NULL((void *)0))) { | |||
443 | error = EHOSTUNREACH65; | |||
444 | goto bad; | |||
445 | } | |||
446 | #endif | |||
447 | ||||
448 | /* | |||
449 | * If TSO or small enough for interface, can just send directly. | |||
450 | */ | |||
451 | error = if_output_tso(ifp, &m, sintosa(dst), ro->ro_rt, mtu); | |||
452 | if (error || m == NULL((void *)0)) | |||
453 | goto done; | |||
454 | ||||
455 | /* | |||
456 | * Too large for interface; fragment if possible. | |||
457 | * Must be able to put at least 8 bytes per fragment. | |||
458 | */ | |||
459 | if (ip->ip_off & htons(IP_DF)(__uint16_t)(__builtin_constant_p(0x4000) ? (__uint16_t)(((__uint16_t )(0x4000) & 0xffU) << 8 | ((__uint16_t)(0x4000) & 0xff00U) >> 8) : __swap16md(0x4000))) { | |||
460 | #ifdef IPSEC1 | |||
461 | if (ip_mtudisc) | |||
462 | ipsec_adjust_mtu(m, ifp->if_mtuif_data.ifi_mtu); | |||
463 | #endif | |||
464 | error = EMSGSIZE40; | |||
465 | #if NPF1 > 0 | |||
466 | /* pf changed routing table, use orig rtable for path MTU */ | |||
467 | if (ro->ro_tableid != orig_rtableid) { | |||
468 | rtfree(ro->ro_rt); | |||
469 | ro->ro_tableid = orig_rtableid; | |||
470 | ro->ro_rt = icmp_mtudisc_clone( | |||
471 | satosin(&ro->ro_dst)->sin_addr, ro->ro_tableid, 0); | |||
472 | } | |||
473 | #endif | |||
474 | /* | |||
475 | * This case can happen if the user changed the MTU | |||
476 | * of an interface after enabling IP on it. Because | |||
477 | * most netifs don't keep track of routes pointing to | |||
478 | * them, there is no way for one to update all its | |||
479 | * routes when the MTU is changed. | |||
480 | */ | |||
481 | if (rtisvalid(ro->ro_rt) && | |||
482 | ISSET(ro->ro_rt->rt_flags, RTF_HOST)((ro->ro_rt->rt_flags) & (0x4)) && | |||
483 | !(ro->ro_rt->rt_locksrt_rmx.rmx_locks & RTV_MTU0x1) && | |||
484 | (ro->ro_rt->rt_mturt_rmx.rmx_mtu > ifp->if_mtuif_data.ifi_mtu)) { | |||
485 | ro->ro_rt->rt_mturt_rmx.rmx_mtu = ifp->if_mtuif_data.ifi_mtu; | |||
486 | } | |||
487 | ipstat_inc(ips_cantfrag); | |||
488 | goto bad; | |||
489 | } | |||
490 | ||||
491 | if ((error = ip_fragment(m, &ml, ifp, mtu)) || | |||
492 | (error = if_output_ml(ifp, &ml, sintosa(dst), ro->ro_rt))) | |||
493 | goto done; | |||
494 | ipstat_inc(ips_fragmented); | |||
495 | ||||
496 | done: | |||
497 | if (ro == &iproute && ro->ro_rt) | |||
498 | rtfree(ro->ro_rt); | |||
499 | if_put(ifp); | |||
500 | #ifdef IPSEC1 | |||
501 | tdb_unref(tdb); | |||
502 | #endif /* IPSEC */ | |||
503 | return (error); | |||
504 | ||||
505 | bad: | |||
506 | m_freem(m); | |||
507 | goto done; | |||
508 | } | |||
509 | ||||
510 | #ifdef IPSEC1 | |||
511 | int | |||
512 | ip_output_ipsec_lookup(struct mbuf *m, int hlen, const u_char seclevel[], | |||
513 | struct tdb **tdbout, int ipsecflowinfo) | |||
514 | { | |||
515 | struct m_tag *mtag; | |||
516 | struct tdb_ident *tdbi; | |||
517 | struct tdb *tdb; | |||
518 | struct ipsec_ids *ids = NULL((void *)0); | |||
519 | int error; | |||
520 | ||||
521 | /* Do we have any pending SAs to apply ? */ | |||
522 | if (ipsecflowinfo) | |||
523 | ids = ipsp_ids_lookup(ipsecflowinfo); | |||
524 | error = ipsp_spd_lookup(m, AF_INET2, hlen, IPSP_DIRECTION_OUT0x2, | |||
525 | NULL((void *)0), seclevel, &tdb, ids); | |||
526 | ipsp_ids_free(ids); | |||
527 | if (error || tdb == NULL((void *)0)) { | |||
528 | *tdbout = NULL((void *)0); | |||
529 | return error; | |||
530 | } | |||
531 | /* Loop detection */ | |||
532 | for (mtag = m_tag_first(m); mtag != NULL((void *)0); mtag = m_tag_next(m, mtag)) { | |||
533 | if (mtag->m_tag_id != PACKET_TAG_IPSEC_OUT_DONE0x0002) | |||
534 | continue; | |||
535 | tdbi = (struct tdb_ident *)(mtag + 1); | |||
536 | if (tdbi->spi == tdb->tdb_spi && | |||
537 | tdbi->proto == tdb->tdb_sproto && | |||
538 | tdbi->rdomain == tdb->tdb_rdomain && | |||
539 | !memcmp(&tdbi->dst, &tdb->tdb_dst,__builtin_memcmp((&tdbi->dst), (&tdb->tdb_dst), (sizeof(union sockaddr_union))) | |||
540 | sizeof(union sockaddr_union))__builtin_memcmp((&tdbi->dst), (&tdb->tdb_dst), (sizeof(union sockaddr_union)))) { | |||
541 | /* no IPsec needed */ | |||
542 | tdb_unref(tdb); | |||
543 | *tdbout = NULL((void *)0); | |||
544 | return 0; | |||
545 | } | |||
546 | } | |||
547 | *tdbout = tdb; | |||
548 | return 0; | |||
549 | } | |||
550 | ||||
551 | void | |||
552 | ip_output_ipsec_pmtu_update(struct tdb *tdb, struct route *ro, | |||
553 | struct in_addr dst, int rtableid, int transportmode) | |||
554 | { | |||
555 | struct rtentry *rt = NULL((void *)0); | |||
556 | int rt_mtucloned = 0; | |||
557 | ||||
558 | /* Find a host route to store the mtu in */ | |||
559 | if (ro != NULL((void *)0)) | |||
560 | rt = ro->ro_rt; | |||
561 | /* but don't add a PMTU route for transport mode SAs */ | |||
562 | if (transportmode) | |||
563 | rt = NULL((void *)0); | |||
564 | else if (rt == NULL((void *)0) || (rt->rt_flags & RTF_HOST0x4) == 0) { | |||
565 | rt = icmp_mtudisc_clone(dst, rtableid, 1); | |||
566 | rt_mtucloned = 1; | |||
567 | } | |||
568 | DPRINTF("spi %08x mtu %d rt %p cloned %d",do { } while (0) | |||
569 | ntohl(tdb->tdb_spi), tdb->tdb_mtu, rt, rt_mtucloned)do { } while (0); | |||
570 | if (rt != NULL((void *)0)) { | |||
571 | rt->rt_mturt_rmx.rmx_mtu = tdb->tdb_mtu; | |||
572 | if (ro != NULL((void *)0) && ro->ro_rt != NULL((void *)0)) { | |||
573 | rtfree(ro->ro_rt); | |||
574 | ro->ro_rt = rtalloc(&ro->ro_dst, RT_RESOLVE1, rtableid); | |||
575 | } | |||
576 | if (rt_mtucloned) | |||
577 | rtfree(rt); | |||
578 | } | |||
579 | } | |||
580 | ||||
581 | int | |||
582 | ip_output_ipsec_send(struct tdb *tdb, struct mbuf *m, struct route *ro, int fwd) | |||
583 | { | |||
584 | struct mbuf_list ml; | |||
585 | struct ifnet *encif = NULL((void *)0); | |||
586 | struct ip *ip; | |||
587 | struct in_addr dst; | |||
588 | u_int len; | |||
589 | int error, rtableid, tso = 0; | |||
590 | ||||
591 | #if NPF1 > 0 | |||
592 | /* | |||
593 | * Packet filter | |||
594 | */ | |||
595 | if ((encif = enc_getif(tdb->tdb_rdomain, tdb->tdb_tap)) == NULL((void *)0) || | |||
596 | pf_test(AF_INET2, fwd
| |||
597 | m_freem(m); | |||
598 | return EACCES13; | |||
599 | } | |||
600 | if (m == NULL((void *)0)) | |||
601 | return 0; | |||
602 | /* | |||
603 | * PF_TAG_REROUTE handling or not... | |||
604 | * Packet is entering IPsec so the routing is | |||
605 | * already overruled by the IPsec policy. | |||
606 | * Until now the change was not reconsidered. | |||
607 | * What's the behaviour? | |||
608 | */ | |||
609 | #endif | |||
610 | ||||
611 | /* Check if we can chop the TCP packet */ | |||
612 | ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
613 | if (ISSET(m->m_pkthdr.csum_flags, M_TCP_TSO)((m->M_dat.MH.MH_pkthdr.csum_flags) & (0x8000)) && | |||
614 | m->m_pkthdrM_dat.MH.MH_pkthdr.ph_mss <= tdb->tdb_mtu) { | |||
615 | tso = 1; | |||
616 | len = m->m_pkthdrM_dat.MH.MH_pkthdr.ph_mss; | |||
617 | } else | |||
618 | len = ntohs(ip->ip_len)(__uint16_t)(__builtin_constant_p(ip->ip_len) ? (__uint16_t )(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t )(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip-> ip_len)); | |||
619 | ||||
620 | /* Check if we are allowed to fragment */ | |||
621 | dst = ip->ip_dst; | |||
622 | rtableid = m->m_pkthdrM_dat.MH.MH_pkthdr.ph_rtableid; | |||
623 | if (ip_mtudisc && (ip->ip_off & htons(IP_DF)(__uint16_t)(__builtin_constant_p(0x4000) ? (__uint16_t)(((__uint16_t )(0x4000) & 0xffU) << 8 | ((__uint16_t)(0x4000) & 0xff00U) >> 8) : __swap16md(0x4000))) && tdb->tdb_mtu && | |||
624 | len > tdb->tdb_mtu && tdb->tdb_mtutimeout > gettime()) { | |||
625 | int transportmode; | |||
626 | ||||
627 | transportmode = (tdb->tdb_dst.sa.sa_family == AF_INET2) && | |||
628 | (tdb->tdb_dst.sin.sin_addr.s_addr == dst.s_addr); | |||
629 | ip_output_ipsec_pmtu_update(tdb, ro, dst, rtableid, | |||
630 | transportmode); | |||
631 | ipsec_adjust_mtu(m, tdb->tdb_mtu); | |||
632 | m_freem(m); | |||
633 | return EMSGSIZE40; | |||
634 | } | |||
635 | /* propagate IP_DF for v4-over-v6 */ | |||
636 | if (ip_mtudisc
)(0x4000) & 0xffU) << 8 | ((__uint16_t)(0x4000) & 0xff00U) >> 8) : __swap16md(0x4000))) | |||
637 | SET(m->m_pkthdr.csum_flags, M_IPV6_DF_OUT)((m->M_dat.MH.MH_pkthdr.csum_flags) |= (0x1000)); | |||
638 | ||||
639 | /* | |||
640 | * Clear these -- they'll be set in the recursive invocation | |||
641 | * as needed. | |||
642 | */ | |||
643 | m->m_flagsm_hdr.mh_flags &= ~(M_MCAST0x0200 | M_BCAST0x0100); | |||
644 | ||||
645 | if (tso
| |||
646 | error = tcp_chopper(m, &ml, encif, len); | |||
647 | if (error) | |||
648 | goto done; | |||
649 | } else { | |||
650 | CLR(m->m_pkthdr.csum_flags, M_TCP_TSO)((m->M_dat.MH.MH_pkthdr.csum_flags) &= ~(0x8000)); | |||
651 | in_proto_cksum_out(m, encif); | |||
652 | ml_init(&ml); | |||
653 | ml_enqueue(&ml, m); | |||
654 | } | |||
655 | ||||
656 | KERNEL_LOCK()_kernel_lock(); | |||
657 | while ((m = ml_dequeue(&ml)) != NULL((void *)0)) { | |||
658 | /* Callee frees mbuf */ | |||
659 | error = ipsp_process_packet(m, tdb, AF_INET2, 0); | |||
660 | if (error) | |||
661 | break; | |||
662 | } | |||
663 | KERNEL_UNLOCK()_kernel_unlock(); | |||
664 | done: | |||
665 | if (error) { | |||
| ||||
666 | ml_purge(&ml); | |||
667 | ipsecstat_inc(ipsec_odrops); | |||
668 | tdbstat_inc(tdb, tdb_odrops); | |||
669 | } | |||
670 | if (!error && tso) | |||
671 | tcpstat_inc(tcps_outswtso); | |||
672 | if (ip_mtudisc && error == EMSGSIZE40) | |||
673 | ip_output_ipsec_pmtu_update(tdb, ro, dst, rtableid, 0); | |||
674 | return error; | |||
675 | } | |||
676 | #endif /* IPSEC */ | |||
677 | ||||
678 | int | |||
679 | ip_fragment(struct mbuf *m0, struct mbuf_list *ml, struct ifnet *ifp, | |||
680 | u_long mtu) | |||
681 | { | |||
682 | struct ip *ip; | |||
683 | int firstlen, hlen, tlen, len, off; | |||
684 | int error; | |||
685 | ||||
686 | ml_init(ml); | |||
687 | ml_enqueue(ml, m0); | |||
688 | ||||
689 | ip = mtod(m0, struct ip *)((struct ip *)((m0)->m_hdr.mh_data)); | |||
690 | hlen = ip->ip_hl << 2; | |||
691 | tlen = m0->m_pkthdrM_dat.MH.MH_pkthdr.len; | |||
692 | len = (mtu - hlen) &~ 7; | |||
693 | if (len < 8) { | |||
694 | error = EMSGSIZE40; | |||
695 | goto bad; | |||
696 | } | |||
697 | firstlen = len; | |||
698 | ||||
699 | /* | |||
700 | * If we are doing fragmentation, we can't defer TCP/UDP | |||
701 | * checksumming; compute the checksum and clear the flag. | |||
702 | */ | |||
703 | in_proto_cksum_out(m0, NULL((void *)0)); | |||
704 | ||||
705 | /* | |||
706 | * Loop through length of payload after first fragment, | |||
707 | * make new header and copy data of each part and link onto chain. | |||
708 | */ | |||
709 | for (off = hlen + firstlen; off < tlen; off += len) { | |||
710 | struct mbuf *m; | |||
711 | struct ip *mhip; | |||
712 | int mhlen; | |||
713 | ||||
714 | MGETHDR(m, M_DONTWAIT, MT_HEADER)m = m_gethdr((0x0002), (2)); | |||
715 | if (m == NULL((void *)0)) { | |||
716 | error = ENOBUFS55; | |||
717 | goto bad; | |||
718 | } | |||
719 | ml_enqueue(ml, m); | |||
720 | if ((error = m_dup_pkthdr(m, m0, M_DONTWAIT0x0002)) != 0) | |||
721 | goto bad; | |||
722 | m->m_datam_hdr.mh_data += max_linkhdr; | |||
723 | mhip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
724 | *mhip = *ip; | |||
725 | if (hlen > sizeof(struct ip)) { | |||
726 | mhlen = ip_optcopy(ip, mhip) + sizeof(struct ip); | |||
727 | mhip->ip_hl = mhlen >> 2; | |||
728 | } else | |||
729 | mhlen = sizeof(struct ip); | |||
730 | m->m_lenm_hdr.mh_len = mhlen; | |||
731 | ||||
732 | mhip->ip_off = ((off - hlen) >> 3) + | |||
733 | (ntohs(ip->ip_off)(__uint16_t)(__builtin_constant_p(ip->ip_off) ? (__uint16_t )(((__uint16_t)(ip->ip_off) & 0xffU) << 8 | ((__uint16_t )(ip->ip_off) & 0xff00U) >> 8) : __swap16md(ip-> ip_off)) & ~IP_MF0x2000); | |||
734 | if (ip->ip_off & htons(IP_MF)(__uint16_t)(__builtin_constant_p(0x2000) ? (__uint16_t)(((__uint16_t )(0x2000) & 0xffU) << 8 | ((__uint16_t)(0x2000) & 0xff00U) >> 8) : __swap16md(0x2000))) | |||
735 | mhip->ip_off |= IP_MF0x2000; | |||
736 | if (off + len >= tlen) | |||
737 | len = tlen - off; | |||
738 | else | |||
739 | mhip->ip_off |= IP_MF0x2000; | |||
740 | mhip->ip_off = htons(mhip->ip_off)(__uint16_t)(__builtin_constant_p(mhip->ip_off) ? (__uint16_t )(((__uint16_t)(mhip->ip_off) & 0xffU) << 8 | (( __uint16_t)(mhip->ip_off) & 0xff00U) >> 8) : __swap16md (mhip->ip_off)); | |||
741 | ||||
742 | m->m_pkthdrM_dat.MH.MH_pkthdr.len = mhlen + len; | |||
743 | mhip->ip_len = htons(m->m_pkthdr.len)(__uint16_t)(__builtin_constant_p(m->M_dat.MH.MH_pkthdr.len ) ? (__uint16_t)(((__uint16_t)(m->M_dat.MH.MH_pkthdr.len) & 0xffU) << 8 | ((__uint16_t)(m->M_dat.MH.MH_pkthdr.len ) & 0xff00U) >> 8) : __swap16md(m->M_dat.MH.MH_pkthdr .len)); | |||
744 | m->m_nextm_hdr.mh_next = m_copym(m0, off, len, M_NOWAIT0x0002); | |||
745 | if (m->m_nextm_hdr.mh_next == NULL((void *)0)) { | |||
746 | error = ENOBUFS55; | |||
747 | goto bad; | |||
748 | } | |||
749 | ||||
750 | in_hdr_cksum_out(m, ifp); | |||
751 | } | |||
752 | ||||
753 | /* | |||
754 | * Update first fragment by trimming what's been copied out | |||
755 | * and updating header, then send each fragment (in order). | |||
756 | */ | |||
757 | if (hlen + firstlen < tlen) { | |||
758 | m_adj(m0, hlen + firstlen - tlen); | |||
759 | ip->ip_off |= htons(IP_MF)(__uint16_t)(__builtin_constant_p(0x2000) ? (__uint16_t)(((__uint16_t )(0x2000) & 0xffU) << 8 | ((__uint16_t)(0x2000) & 0xff00U) >> 8) : __swap16md(0x2000)); | |||
760 | } | |||
761 | ip->ip_len = htons(m0->m_pkthdr.len)(__uint16_t)(__builtin_constant_p(m0->M_dat.MH.MH_pkthdr.len ) ? (__uint16_t)(((__uint16_t)(m0->M_dat.MH.MH_pkthdr.len) & 0xffU) << 8 | ((__uint16_t)(m0->M_dat.MH.MH_pkthdr .len) & 0xff00U) >> 8) : __swap16md(m0->M_dat.MH .MH_pkthdr.len)); | |||
762 | ||||
763 | in_hdr_cksum_out(m0, ifp); | |||
764 | ||||
765 | ipstat_add(ips_ofragments, ml_len(ml)((ml)->ml_len)); | |||
766 | return (0); | |||
767 | ||||
768 | bad: | |||
769 | ipstat_inc(ips_odropped); | |||
770 | ml_purge(ml); | |||
771 | return (error); | |||
772 | } | |||
773 | ||||
774 | /* | |||
775 | * Insert IP options into preformed packet. | |||
776 | * Adjust IP destination as required for IP source routing, | |||
777 | * as indicated by a non-zero in_addr at the start of the options. | |||
778 | */ | |||
779 | struct mbuf * | |||
780 | ip_insertoptions(struct mbuf *m, struct mbuf *opt, int *phlen) | |||
781 | { | |||
782 | struct ipoption *p = mtod(opt, struct ipoption *)((struct ipoption *)((opt)->m_hdr.mh_data)); | |||
783 | struct mbuf *n; | |||
784 | struct ip *ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
785 | unsigned int optlen; | |||
786 | ||||
787 | optlen = opt->m_lenm_hdr.mh_len - sizeof(p->ipopt_dst); | |||
788 | if (optlen + ntohs(ip->ip_len)(__uint16_t)(__builtin_constant_p(ip->ip_len) ? (__uint16_t )(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t )(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip-> ip_len)) > IP_MAXPACKET65535) | |||
789 | return (m); /* XXX should fail */ | |||
790 | ||||
791 | /* check if options will fit to IP header */ | |||
792 | if ((optlen + sizeof(struct ip)) > (0x0f << 2)) { | |||
793 | *phlen = sizeof(struct ip); | |||
794 | return (m); | |||
795 | } | |||
796 | ||||
797 | if (p->ipopt_dst.s_addr) | |||
798 | ip->ip_dst = p->ipopt_dst; | |||
799 | if (m->m_flagsm_hdr.mh_flags & M_EXT0x0001 || m->m_datam_hdr.mh_data - optlen < m->m_pktdatM_dat.MH.MH_dat.MH_databuf) { | |||
800 | MGETHDR(n, M_DONTWAIT, MT_HEADER)n = m_gethdr((0x0002), (2)); | |||
801 | if (n == NULL((void *)0)) | |||
802 | return (m); | |||
803 | M_MOVE_HDR(n, m)do { (n)->M_dat.MH.MH_pkthdr = (m)->M_dat.MH.MH_pkthdr; (m)->m_hdr.mh_flags &= ~0x0002; { ((&(m)->M_dat .MH.MH_pkthdr.ph_tags)->slh_first) = ((void *)0); }; (m)-> M_dat.MH.MH_pkthdr.pf.statekey = ((void *)0); } while ( 0); | |||
804 | n->m_pkthdrM_dat.MH.MH_pkthdr.len += optlen; | |||
805 | m->m_lenm_hdr.mh_len -= sizeof(struct ip); | |||
806 | m->m_datam_hdr.mh_data += sizeof(struct ip); | |||
807 | n->m_nextm_hdr.mh_next = m; | |||
808 | m = n; | |||
809 | m->m_lenm_hdr.mh_len = optlen + sizeof(struct ip); | |||
810 | m->m_datam_hdr.mh_data += max_linkhdr; | |||
811 | memcpy(mtod(m, caddr_t), ip, sizeof(struct ip))__builtin_memcpy((((caddr_t)((m)->m_hdr.mh_data))), (ip), ( sizeof(struct ip))); | |||
812 | } else { | |||
813 | m->m_datam_hdr.mh_data -= optlen; | |||
814 | m->m_lenm_hdr.mh_len += optlen; | |||
815 | m->m_pkthdrM_dat.MH.MH_pkthdr.len += optlen; | |||
816 | memmove(mtod(m, caddr_t), (caddr_t)ip, sizeof(struct ip))__builtin_memmove((((caddr_t)((m)->m_hdr.mh_data))), ((caddr_t )ip), (sizeof(struct ip))); | |||
817 | } | |||
818 | ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
819 | memcpy(ip + 1, p->ipopt_list, optlen)__builtin_memcpy((ip + 1), (p->ipopt_list), (optlen)); | |||
820 | *phlen = sizeof(struct ip) + optlen; | |||
821 | ip->ip_len = htons(ntohs(ip->ip_len) + optlen)(__uint16_t)(__builtin_constant_p((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) + optlen) ? (__uint16_t )(((__uint16_t)((__uint16_t)(__builtin_constant_p(ip->ip_len ) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip->ip_len)) + optlen) & 0xffU) << 8 | ((__uint16_t)((__uint16_t)(__builtin_constant_p(ip->ip_len ) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip->ip_len)) + optlen) & 0xff00U) >> 8) : __swap16md((__uint16_t)(__builtin_constant_p(ip->ip_len ) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip->ip_len)) + optlen)); | |||
822 | return (m); | |||
823 | } | |||
824 | ||||
825 | /* | |||
826 | * Copy options from ip to jp, | |||
827 | * omitting those not copied during fragmentation. | |||
828 | */ | |||
829 | int | |||
830 | ip_optcopy(struct ip *ip, struct ip *jp) | |||
831 | { | |||
832 | u_char *cp, *dp; | |||
833 | int opt, optlen, cnt; | |||
834 | ||||
835 | cp = (u_char *)(ip + 1); | |||
836 | dp = (u_char *)(jp + 1); | |||
837 | cnt = (ip->ip_hl << 2) - sizeof (struct ip); | |||
838 | for (; cnt > 0; cnt -= optlen, cp += optlen) { | |||
839 | opt = cp[0]; | |||
840 | if (opt == IPOPT_EOL0) | |||
841 | break; | |||
842 | if (opt == IPOPT_NOP1) { | |||
843 | /* Preserve for IP mcast tunnel's LSRR alignment. */ | |||
844 | *dp++ = IPOPT_NOP1; | |||
845 | optlen = 1; | |||
846 | continue; | |||
847 | } | |||
848 | #ifdef DIAGNOSTIC1 | |||
849 | if (cnt < IPOPT_OLEN1 + sizeof(*cp)) | |||
850 | panic("malformed IPv4 option passed to ip_optcopy"); | |||
851 | #endif | |||
852 | optlen = cp[IPOPT_OLEN1]; | |||
853 | #ifdef DIAGNOSTIC1 | |||
854 | if (optlen < IPOPT_OLEN1 + sizeof(*cp) || optlen > cnt) | |||
855 | panic("malformed IPv4 option passed to ip_optcopy"); | |||
856 | #endif | |||
857 | /* bogus lengths should have been caught by ip_dooptions */ | |||
858 | if (optlen > cnt) | |||
859 | optlen = cnt; | |||
860 | if (IPOPT_COPIED(opt)((opt)&0x80)) { | |||
861 | memcpy(dp, cp, optlen)__builtin_memcpy((dp), (cp), (optlen)); | |||
862 | dp += optlen; | |||
863 | } | |||
864 | } | |||
865 | for (optlen = dp - (u_char *)(jp+1); optlen & 0x3; optlen++) | |||
866 | *dp++ = IPOPT_EOL0; | |||
867 | return (optlen); | |||
868 | } | |||
869 | ||||
870 | /* | |||
871 | * IP socket option processing. | |||
872 | */ | |||
873 | int | |||
874 | ip_ctloutput(int op, struct socket *so, int level, int optname, | |||
875 | struct mbuf *m) | |||
876 | { | |||
877 | struct inpcb *inp = sotoinpcb(so)((struct inpcb *)(so)->so_pcb); | |||
878 | int optval = 0; | |||
879 | struct proc *p = curproc({struct cpu_info *__ci; asm volatile("movq %%gs:%P1,%0" : "=r" (__ci) :"n" (__builtin_offsetof(struct cpu_info, ci_self))); __ci;})->ci_curproc; /* XXX */ | |||
880 | int error = 0; | |||
881 | u_int rtableid, rtid = 0; | |||
882 | ||||
883 | if (level != IPPROTO_IP0) | |||
884 | return (EINVAL22); | |||
885 | ||||
886 | rtableid = p->p_p->ps_rtableid; | |||
887 | ||||
888 | switch (op) { | |||
889 | case PRCO_SETOPT1: | |||
890 | switch (optname) { | |||
891 | case IP_OPTIONS1: | |||
892 | return (ip_pcbopts(&inp->inp_options, m)); | |||
893 | ||||
894 | case IP_TOS3: | |||
895 | case IP_TTL4: | |||
896 | case IP_MINTTL32: | |||
897 | case IP_RECVOPTS5: | |||
898 | case IP_RECVRETOPTS6: | |||
899 | case IP_RECVDSTADDR7: | |||
900 | case IP_RECVIF30: | |||
901 | case IP_RECVTTL31: | |||
902 | case IP_RECVDSTPORT33: | |||
903 | case IP_RECVRTABLE35: | |||
904 | case IP_IPSECFLOWINFO36: | |||
905 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len != sizeof(int)) | |||
906 | error = EINVAL22; | |||
907 | else { | |||
908 | optval = *mtod(m, int *)((int *)((m)->m_hdr.mh_data)); | |||
909 | switch (optname) { | |||
910 | ||||
911 | case IP_TOS3: | |||
912 | inp->inp_ipinp_hu.hu_ip.ip_tos = optval; | |||
913 | break; | |||
914 | ||||
915 | case IP_TTL4: | |||
916 | if (optval > 0 && optval <= MAXTTL255) | |||
917 | inp->inp_ipinp_hu.hu_ip.ip_ttl = optval; | |||
918 | else if (optval == -1) | |||
919 | inp->inp_ipinp_hu.hu_ip.ip_ttl = ip_defttl; | |||
920 | else | |||
921 | error = EINVAL22; | |||
922 | break; | |||
923 | ||||
924 | case IP_MINTTL32: | |||
925 | if (optval >= 0 && optval <= MAXTTL255) | |||
926 | inp->inp_ip_minttl = optval; | |||
927 | else | |||
928 | error = EINVAL22; | |||
929 | break; | |||
930 | #define OPTSET(bit) \ | |||
931 | if (optval) \ | |||
932 | inp->inp_flags |= bit; \ | |||
933 | else \ | |||
934 | inp->inp_flags &= ~bit; | |||
935 | ||||
936 | case IP_RECVOPTS5: | |||
937 | OPTSET(INP_RECVOPTS0x001); | |||
938 | break; | |||
939 | ||||
940 | case IP_RECVRETOPTS6: | |||
941 | OPTSET(INP_RECVRETOPTS0x002); | |||
942 | break; | |||
943 | ||||
944 | case IP_RECVDSTADDR7: | |||
945 | OPTSET(INP_RECVDSTADDR0x004); | |||
946 | break; | |||
947 | case IP_RECVIF30: | |||
948 | OPTSET(INP_RECVIF0x080); | |||
949 | break; | |||
950 | case IP_RECVTTL31: | |||
951 | OPTSET(INP_RECVTTL0x040); | |||
952 | break; | |||
953 | case IP_RECVDSTPORT33: | |||
954 | OPTSET(INP_RECVDSTPORT0x200); | |||
955 | break; | |||
956 | case IP_RECVRTABLE35: | |||
957 | OPTSET(INP_RECVRTABLE0x400); | |||
958 | break; | |||
959 | case IP_IPSECFLOWINFO36: | |||
960 | OPTSET(INP_IPSECFLOWINFO0x800); | |||
961 | break; | |||
962 | } | |||
963 | } | |||
964 | break; | |||
965 | #undef OPTSET | |||
966 | ||||
967 | case IP_MULTICAST_IF9: | |||
968 | case IP_MULTICAST_TTL10: | |||
969 | case IP_MULTICAST_LOOP11: | |||
970 | case IP_ADD_MEMBERSHIP12: | |||
971 | case IP_DROP_MEMBERSHIP13: | |||
972 | error = ip_setmoptions(optname, &inp->inp_moptionsinp_mou.mou_mo, m, | |||
973 | inp->inp_rtableid); | |||
974 | break; | |||
975 | ||||
976 | case IP_PORTRANGE19: | |||
977 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len != sizeof(int)) | |||
978 | error = EINVAL22; | |||
979 | else { | |||
980 | optval = *mtod(m, int *)((int *)((m)->m_hdr.mh_data)); | |||
981 | ||||
982 | switch (optval) { | |||
983 | ||||
984 | case IP_PORTRANGE_DEFAULT0: | |||
985 | inp->inp_flags &= ~(INP_LOWPORT0x020); | |||
986 | inp->inp_flags &= ~(INP_HIGHPORT0x010); | |||
987 | break; | |||
988 | ||||
989 | case IP_PORTRANGE_HIGH1: | |||
990 | inp->inp_flags &= ~(INP_LOWPORT0x020); | |||
991 | inp->inp_flags |= INP_HIGHPORT0x010; | |||
992 | break; | |||
993 | ||||
994 | case IP_PORTRANGE_LOW2: | |||
995 | inp->inp_flags &= ~(INP_HIGHPORT0x010); | |||
996 | inp->inp_flags |= INP_LOWPORT0x020; | |||
997 | break; | |||
998 | ||||
999 | default: | |||
1000 | ||||
1001 | error = EINVAL22; | |||
1002 | break; | |||
1003 | } | |||
1004 | } | |||
1005 | break; | |||
1006 | case IP_AUTH_LEVEL20: | |||
1007 | case IP_ESP_TRANS_LEVEL21: | |||
1008 | case IP_ESP_NETWORK_LEVEL22: | |||
1009 | case IP_IPCOMP_LEVEL29: | |||
1010 | #ifndef IPSEC1 | |||
1011 | error = EOPNOTSUPP45; | |||
1012 | #else | |||
1013 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len != sizeof(int)) { | |||
1014 | error = EINVAL22; | |||
1015 | break; | |||
1016 | } | |||
1017 | optval = *mtod(m, int *)((int *)((m)->m_hdr.mh_data)); | |||
1018 | ||||
1019 | if (optval < IPSEC_LEVEL_BYPASS0x00 || | |||
1020 | optval > IPSEC_LEVEL_UNIQUE0x04) { | |||
1021 | error = EINVAL22; | |||
1022 | break; | |||
1023 | } | |||
1024 | ||||
1025 | switch (optname) { | |||
1026 | case IP_AUTH_LEVEL20: | |||
1027 | if (optval < IPSEC_AUTH_LEVEL_DEFAULT0x01 && | |||
1028 | suser(p)) { | |||
1029 | error = EACCES13; | |||
1030 | break; | |||
1031 | } | |||
1032 | inp->inp_seclevel[SL_AUTH0] = optval; | |||
1033 | break; | |||
1034 | ||||
1035 | case IP_ESP_TRANS_LEVEL21: | |||
1036 | if (optval < IPSEC_ESP_TRANS_LEVEL_DEFAULT0x01 && | |||
1037 | suser(p)) { | |||
1038 | error = EACCES13; | |||
1039 | break; | |||
1040 | } | |||
1041 | inp->inp_seclevel[SL_ESP_TRANS1] = optval; | |||
1042 | break; | |||
1043 | ||||
1044 | case IP_ESP_NETWORK_LEVEL22: | |||
1045 | if (optval < IPSEC_ESP_NETWORK_LEVEL_DEFAULT0x01 && | |||
1046 | suser(p)) { | |||
1047 | error = EACCES13; | |||
1048 | break; | |||
1049 | } | |||
1050 | inp->inp_seclevel[SL_ESP_NETWORK2] = optval; | |||
1051 | break; | |||
1052 | case IP_IPCOMP_LEVEL29: | |||
1053 | if (optval < IPSEC_IPCOMP_LEVEL_DEFAULT0x01 && | |||
1054 | suser(p)) { | |||
1055 | error = EACCES13; | |||
1056 | break; | |||
1057 | } | |||
1058 | inp->inp_seclevel[SL_IPCOMP3] = optval; | |||
1059 | break; | |||
1060 | } | |||
1061 | #endif | |||
1062 | break; | |||
1063 | ||||
1064 | case IP_IPSEC_LOCAL_ID23: | |||
1065 | case IP_IPSEC_REMOTE_ID24: | |||
1066 | error = EOPNOTSUPP45; | |||
1067 | break; | |||
1068 | case SO_RTABLE0x1021: | |||
1069 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len < sizeof(u_int)) { | |||
1070 | error = EINVAL22; | |||
1071 | break; | |||
1072 | } | |||
1073 | rtid = *mtod(m, u_int *)((u_int *)((m)->m_hdr.mh_data)); | |||
1074 | if (inp->inp_rtableid == rtid) | |||
1075 | break; | |||
1076 | /* needs privileges to switch when already set */ | |||
1077 | if (rtableid != rtid && rtableid != 0 && | |||
1078 | (error = suser(p)) != 0) | |||
1079 | break; | |||
1080 | /* table must exist */ | |||
1081 | if (!rtable_exists(rtid)) { | |||
1082 | error = EINVAL22; | |||
1083 | break; | |||
1084 | } | |||
1085 | error = in_pcbset_rtableid(inp, rtid); | |||
1086 | break; | |||
1087 | case IP_PIPEX34: | |||
1088 | if (m != NULL((void *)0) && m->m_lenm_hdr.mh_len == sizeof(int)) | |||
1089 | inp->inp_pipex = *mtod(m, int *)((int *)((m)->m_hdr.mh_data)); | |||
1090 | else | |||
1091 | error = EINVAL22; | |||
1092 | break; | |||
1093 | ||||
1094 | default: | |||
1095 | error = ENOPROTOOPT42; | |||
1096 | break; | |||
1097 | } | |||
1098 | break; | |||
1099 | ||||
1100 | case PRCO_GETOPT0: | |||
1101 | switch (optname) { | |||
1102 | case IP_OPTIONS1: | |||
1103 | case IP_RETOPTS8: | |||
1104 | if (inp->inp_options) { | |||
1105 | m->m_lenm_hdr.mh_len = inp->inp_options->m_lenm_hdr.mh_len; | |||
1106 | memcpy(mtod(m, caddr_t),__builtin_memcpy((((caddr_t)((m)->m_hdr.mh_data))), (((caddr_t )((inp->inp_options)->m_hdr.mh_data))), (m->m_hdr.mh_len )) | |||
1107 | mtod(inp->inp_options, caddr_t), m->m_len)__builtin_memcpy((((caddr_t)((m)->m_hdr.mh_data))), (((caddr_t )((inp->inp_options)->m_hdr.mh_data))), (m->m_hdr.mh_len )); | |||
1108 | } else | |||
1109 | m->m_lenm_hdr.mh_len = 0; | |||
1110 | break; | |||
1111 | ||||
1112 | case IP_TOS3: | |||
1113 | case IP_TTL4: | |||
1114 | case IP_MINTTL32: | |||
1115 | case IP_RECVOPTS5: | |||
1116 | case IP_RECVRETOPTS6: | |||
1117 | case IP_RECVDSTADDR7: | |||
1118 | case IP_RECVIF30: | |||
1119 | case IP_RECVTTL31: | |||
1120 | case IP_RECVDSTPORT33: | |||
1121 | case IP_RECVRTABLE35: | |||
1122 | case IP_IPSECFLOWINFO36: | |||
1123 | case IP_IPDEFTTL37: | |||
1124 | m->m_lenm_hdr.mh_len = sizeof(int); | |||
1125 | switch (optname) { | |||
1126 | ||||
1127 | case IP_TOS3: | |||
1128 | optval = inp->inp_ipinp_hu.hu_ip.ip_tos; | |||
1129 | break; | |||
1130 | ||||
1131 | case IP_TTL4: | |||
1132 | optval = inp->inp_ipinp_hu.hu_ip.ip_ttl; | |||
1133 | break; | |||
1134 | ||||
1135 | case IP_MINTTL32: | |||
1136 | optval = inp->inp_ip_minttl; | |||
1137 | break; | |||
1138 | ||||
1139 | case IP_IPDEFTTL37: | |||
1140 | optval = ip_defttl; | |||
1141 | break; | |||
1142 | ||||
1143 | #define OPTBIT(bit)(inp->inp_flags & bit ? 1 : 0) (inp->inp_flags & bit ? 1 : 0) | |||
1144 | ||||
1145 | case IP_RECVOPTS5: | |||
1146 | optval = OPTBIT(INP_RECVOPTS)(inp->inp_flags & 0x001 ? 1 : 0); | |||
1147 | break; | |||
1148 | ||||
1149 | case IP_RECVRETOPTS6: | |||
1150 | optval = OPTBIT(INP_RECVRETOPTS)(inp->inp_flags & 0x002 ? 1 : 0); | |||
1151 | break; | |||
1152 | ||||
1153 | case IP_RECVDSTADDR7: | |||
1154 | optval = OPTBIT(INP_RECVDSTADDR)(inp->inp_flags & 0x004 ? 1 : 0); | |||
1155 | break; | |||
1156 | case IP_RECVIF30: | |||
1157 | optval = OPTBIT(INP_RECVIF)(inp->inp_flags & 0x080 ? 1 : 0); | |||
1158 | break; | |||
1159 | case IP_RECVTTL31: | |||
1160 | optval = OPTBIT(INP_RECVTTL)(inp->inp_flags & 0x040 ? 1 : 0); | |||
1161 | break; | |||
1162 | case IP_RECVDSTPORT33: | |||
1163 | optval = OPTBIT(INP_RECVDSTPORT)(inp->inp_flags & 0x200 ? 1 : 0); | |||
1164 | break; | |||
1165 | case IP_RECVRTABLE35: | |||
1166 | optval = OPTBIT(INP_RECVRTABLE)(inp->inp_flags & 0x400 ? 1 : 0); | |||
1167 | break; | |||
1168 | case IP_IPSECFLOWINFO36: | |||
1169 | optval = OPTBIT(INP_IPSECFLOWINFO)(inp->inp_flags & 0x800 ? 1 : 0); | |||
1170 | break; | |||
1171 | } | |||
1172 | *mtod(m, int *)((int *)((m)->m_hdr.mh_data)) = optval; | |||
1173 | break; | |||
1174 | ||||
1175 | case IP_MULTICAST_IF9: | |||
1176 | case IP_MULTICAST_TTL10: | |||
1177 | case IP_MULTICAST_LOOP11: | |||
1178 | case IP_ADD_MEMBERSHIP12: | |||
1179 | case IP_DROP_MEMBERSHIP13: | |||
1180 | error = ip_getmoptions(optname, inp->inp_moptionsinp_mou.mou_mo, m); | |||
1181 | break; | |||
1182 | ||||
1183 | case IP_PORTRANGE19: | |||
1184 | m->m_lenm_hdr.mh_len = sizeof(int); | |||
1185 | ||||
1186 | if (inp->inp_flags & INP_HIGHPORT0x010) | |||
1187 | optval = IP_PORTRANGE_HIGH1; | |||
1188 | else if (inp->inp_flags & INP_LOWPORT0x020) | |||
1189 | optval = IP_PORTRANGE_LOW2; | |||
1190 | else | |||
1191 | optval = 0; | |||
1192 | ||||
1193 | *mtod(m, int *)((int *)((m)->m_hdr.mh_data)) = optval; | |||
1194 | break; | |||
1195 | ||||
1196 | case IP_AUTH_LEVEL20: | |||
1197 | case IP_ESP_TRANS_LEVEL21: | |||
1198 | case IP_ESP_NETWORK_LEVEL22: | |||
1199 | case IP_IPCOMP_LEVEL29: | |||
1200 | #ifndef IPSEC1 | |||
1201 | m->m_lenm_hdr.mh_len = sizeof(int); | |||
1202 | *mtod(m, int *)((int *)((m)->m_hdr.mh_data)) = IPSEC_LEVEL_NONE0x00; | |||
1203 | #else | |||
1204 | m->m_lenm_hdr.mh_len = sizeof(int); | |||
1205 | switch (optname) { | |||
1206 | case IP_AUTH_LEVEL20: | |||
1207 | optval = inp->inp_seclevel[SL_AUTH0]; | |||
1208 | break; | |||
1209 | ||||
1210 | case IP_ESP_TRANS_LEVEL21: | |||
1211 | optval = inp->inp_seclevel[SL_ESP_TRANS1]; | |||
1212 | break; | |||
1213 | ||||
1214 | case IP_ESP_NETWORK_LEVEL22: | |||
1215 | optval = inp->inp_seclevel[SL_ESP_NETWORK2]; | |||
1216 | break; | |||
1217 | case IP_IPCOMP_LEVEL29: | |||
1218 | optval = inp->inp_seclevel[SL_IPCOMP3]; | |||
1219 | break; | |||
1220 | } | |||
1221 | *mtod(m, int *)((int *)((m)->m_hdr.mh_data)) = optval; | |||
1222 | #endif | |||
1223 | break; | |||
1224 | case IP_IPSEC_LOCAL_ID23: | |||
1225 | case IP_IPSEC_REMOTE_ID24: | |||
1226 | error = EOPNOTSUPP45; | |||
1227 | break; | |||
1228 | case SO_RTABLE0x1021: | |||
1229 | m->m_lenm_hdr.mh_len = sizeof(u_int); | |||
1230 | *mtod(m, u_int *)((u_int *)((m)->m_hdr.mh_data)) = inp->inp_rtableid; | |||
1231 | break; | |||
1232 | case IP_PIPEX34: | |||
1233 | m->m_lenm_hdr.mh_len = sizeof(int); | |||
1234 | *mtod(m, int *)((int *)((m)->m_hdr.mh_data)) = inp->inp_pipex; | |||
1235 | break; | |||
1236 | default: | |||
1237 | error = ENOPROTOOPT42; | |||
1238 | break; | |||
1239 | } | |||
1240 | break; | |||
1241 | } | |||
1242 | return (error); | |||
1243 | } | |||
1244 | ||||
1245 | /* | |||
1246 | * Set up IP options in pcb for insertion in output packets. | |||
1247 | * Store in mbuf with pointer in pcbopt, adding pseudo-option | |||
1248 | * with destination address if source routed. | |||
1249 | */ | |||
1250 | int | |||
1251 | ip_pcbopts(struct mbuf **pcbopt, struct mbuf *m) | |||
1252 | { | |||
1253 | struct mbuf *n; | |||
1254 | struct ipoption *p; | |||
1255 | int cnt, off, optlen; | |||
1256 | u_char *cp; | |||
1257 | u_char opt; | |||
1258 | ||||
1259 | /* turn off any old options */ | |||
1260 | m_freem(*pcbopt); | |||
1261 | *pcbopt = NULL((void *)0); | |||
1262 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len == 0) { | |||
1263 | /* | |||
1264 | * Only turning off any previous options. | |||
1265 | */ | |||
1266 | return (0); | |||
1267 | } | |||
1268 | ||||
1269 | if (m->m_lenm_hdr.mh_len % sizeof(int32_t) || | |||
1270 | m->m_lenm_hdr.mh_len > MAX_IPOPTLEN40 + sizeof(struct in_addr)) | |||
1271 | return (EINVAL22); | |||
1272 | ||||
1273 | /* Don't sleep because NET_LOCK() is hold. */ | |||
1274 | if ((n = m_get(M_NOWAIT0x0002, MT_SOOPTS4)) == NULL((void *)0)) | |||
1275 | return (ENOBUFS55); | |||
1276 | p = mtod(n, struct ipoption *)((struct ipoption *)((n)->m_hdr.mh_data)); | |||
1277 | memset(p, 0, sizeof (*p))__builtin_memset((p), (0), (sizeof (*p))); /* 0 = IPOPT_EOL, needed for padding */ | |||
1278 | n->m_lenm_hdr.mh_len = sizeof(struct in_addr); | |||
1279 | ||||
1280 | off = 0; | |||
1281 | cnt = m->m_lenm_hdr.mh_len; | |||
1282 | cp = mtod(m, u_char *)((u_char *)((m)->m_hdr.mh_data)); | |||
1283 | ||||
1284 | while (cnt > 0) { | |||
1285 | opt = cp[IPOPT_OPTVAL0]; | |||
1286 | ||||
1287 | if (opt == IPOPT_NOP1 || opt == IPOPT_EOL0) { | |||
1288 | optlen = 1; | |||
1289 | } else { | |||
1290 | if (cnt < IPOPT_OLEN1 + sizeof(*cp)) | |||
1291 | goto bad; | |||
1292 | optlen = cp[IPOPT_OLEN1]; | |||
1293 | if (optlen < IPOPT_OLEN1 + sizeof(*cp) || optlen > cnt) | |||
1294 | goto bad; | |||
1295 | } | |||
1296 | switch (opt) { | |||
1297 | default: | |||
1298 | memcpy(p->ipopt_list + off, cp, optlen)__builtin_memcpy((p->ipopt_list + off), (cp), (optlen)); | |||
1299 | break; | |||
1300 | ||||
1301 | case IPOPT_LSRR131: | |||
1302 | case IPOPT_SSRR137: | |||
1303 | /* | |||
1304 | * user process specifies route as: | |||
1305 | * ->A->B->C->D | |||
1306 | * D must be our final destination (but we can't | |||
1307 | * check that since we may not have connected yet). | |||
1308 | * A is first hop destination, which doesn't appear in | |||
1309 | * actual IP option, but is stored before the options. | |||
1310 | */ | |||
1311 | if (optlen < IPOPT_MINOFF4 - 1 + sizeof(struct in_addr)) | |||
1312 | goto bad; | |||
1313 | ||||
1314 | /* | |||
1315 | * Optlen is smaller because first address is popped. | |||
1316 | * Cnt and cp will be adjusted a bit later to reflect | |||
1317 | * this. | |||
1318 | */ | |||
1319 | optlen -= sizeof(struct in_addr); | |||
1320 | p->ipopt_list[off + IPOPT_OPTVAL0] = opt; | |||
1321 | p->ipopt_list[off + IPOPT_OLEN1] = optlen; | |||
1322 | ||||
1323 | /* | |||
1324 | * Move first hop before start of options. | |||
1325 | */ | |||
1326 | memcpy(&p->ipopt_dst, cp + IPOPT_OFFSET,__builtin_memcpy((&p->ipopt_dst), (cp + 2), (sizeof(struct in_addr))) | |||
1327 | sizeof(struct in_addr))__builtin_memcpy((&p->ipopt_dst), (cp + 2), (sizeof(struct in_addr))); | |||
1328 | cp += sizeof(struct in_addr); | |||
1329 | cnt -= sizeof(struct in_addr); | |||
1330 | /* | |||
1331 | * Then copy rest of options | |||
1332 | */ | |||
1333 | memcpy(p->ipopt_list + off + IPOPT_OFFSET,__builtin_memcpy((p->ipopt_list + off + 2), (cp + 2), (optlen - 2)) | |||
1334 | cp + IPOPT_OFFSET, optlen - IPOPT_OFFSET)__builtin_memcpy((p->ipopt_list + off + 2), (cp + 2), (optlen - 2)); | |||
1335 | break; | |||
1336 | } | |||
1337 | off += optlen; | |||
1338 | cp += optlen; | |||
1339 | cnt -= optlen; | |||
1340 | ||||
1341 | if (opt == IPOPT_EOL0) | |||
1342 | break; | |||
1343 | } | |||
1344 | /* pad options to next word, since p was zeroed just adjust off */ | |||
1345 | off = (off + sizeof(int32_t) - 1) & ~(sizeof(int32_t) - 1); | |||
1346 | n->m_lenm_hdr.mh_len += off; | |||
1347 | if (n->m_lenm_hdr.mh_len > sizeof(*p)) { | |||
1348 | bad: | |||
1349 | m_freem(n); | |||
1350 | return (EINVAL22); | |||
1351 | } | |||
1352 | ||||
1353 | *pcbopt = n; | |||
1354 | return (0); | |||
1355 | } | |||
1356 | ||||
1357 | /* | |||
1358 | * Lookup the interface based on the information in the ip_mreqn struct. | |||
1359 | */ | |||
1360 | int | |||
1361 | ip_multicast_if(struct ip_mreqn *mreq, u_int rtableid, unsigned int *ifidx) | |||
1362 | { | |||
1363 | struct sockaddr_in sin; | |||
1364 | struct rtentry *rt; | |||
1365 | ||||
1366 | /* | |||
1367 | * In case userland provides the imr_ifindex use this as interface. | |||
1368 | * If no interface address was provided, use the interface of | |||
1369 | * the route to the given multicast address. | |||
1370 | */ | |||
1371 | if (mreq->imr_ifindex != 0) { | |||
1372 | *ifidx = mreq->imr_ifindex; | |||
1373 | } else if (mreq->imr_address.s_addr == INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 ))))) { | |||
1374 | memset(&sin, 0, sizeof(sin))__builtin_memset((&sin), (0), (sizeof(sin))); | |||
1375 | sin.sin_len = sizeof(sin); | |||
1376 | sin.sin_family = AF_INET2; | |||
1377 | sin.sin_addr = mreq->imr_multiaddr; | |||
1378 | rt = rtalloc(sintosa(&sin), RT_RESOLVE1, rtableid); | |||
1379 | if (!rtisvalid(rt)) { | |||
1380 | rtfree(rt); | |||
1381 | return EADDRNOTAVAIL49; | |||
1382 | } | |||
1383 | *ifidx = rt->rt_ifidx; | |||
1384 | rtfree(rt); | |||
1385 | } else { | |||
1386 | memset(&sin, 0, sizeof(sin))__builtin_memset((&sin), (0), (sizeof(sin))); | |||
1387 | sin.sin_len = sizeof(sin); | |||
1388 | sin.sin_family = AF_INET2; | |||
1389 | sin.sin_addr = mreq->imr_address; | |||
1390 | rt = rtalloc(sintosa(&sin), 0, rtableid); | |||
1391 | if (!rtisvalid(rt) || !ISSET(rt->rt_flags, RTF_LOCAL)((rt->rt_flags) & (0x200000))) { | |||
1392 | rtfree(rt); | |||
1393 | return EADDRNOTAVAIL49; | |||
1394 | } | |||
1395 | *ifidx = rt->rt_ifidx; | |||
1396 | rtfree(rt); | |||
1397 | } | |||
1398 | ||||
1399 | return 0; | |||
1400 | } | |||
1401 | ||||
1402 | /* | |||
1403 | * Set the IP multicast options in response to user setsockopt(). | |||
1404 | */ | |||
1405 | int | |||
1406 | ip_setmoptions(int optname, struct ip_moptions **imop, struct mbuf *m, | |||
1407 | u_int rtableid) | |||
1408 | { | |||
1409 | struct in_addr addr; | |||
1410 | struct in_ifaddr *ia; | |||
1411 | struct ip_mreqn mreqn; | |||
1412 | struct ifnet *ifp = NULL((void *)0); | |||
1413 | struct ip_moptions *imo = *imop; | |||
1414 | struct in_multi **immp; | |||
1415 | struct sockaddr_in sin; | |||
1416 | unsigned int ifidx; | |||
1417 | int i, error = 0; | |||
1418 | u_char loop; | |||
1419 | ||||
1420 | if (imo == NULL((void *)0)) { | |||
1421 | /* | |||
1422 | * No multicast option buffer attached to the pcb; | |||
1423 | * allocate one and initialize to default values. | |||
1424 | */ | |||
1425 | imo = malloc(sizeof(*imo), M_IPMOPTS53, M_WAITOK0x0001|M_ZERO0x0008); | |||
1426 | immp = mallocarray(IP_MIN_MEMBERSHIPS15, sizeof(*immp), M_IPMOPTS53, | |||
1427 | M_WAITOK0x0001|M_ZERO0x0008); | |||
1428 | *imop = imo; | |||
1429 | imo->imo_ifidx = 0; | |||
1430 | imo->imo_ttl = IP_DEFAULT_MULTICAST_TTL1; | |||
1431 | imo->imo_loop = IP_DEFAULT_MULTICAST_LOOP1; | |||
1432 | imo->imo_num_memberships = 0; | |||
1433 | imo->imo_max_memberships = IP_MIN_MEMBERSHIPS15; | |||
1434 | imo->imo_membership = immp; | |||
1435 | } | |||
1436 | ||||
1437 | switch (optname) { | |||
1438 | ||||
1439 | case IP_MULTICAST_IF9: | |||
1440 | /* | |||
1441 | * Select the interface for outgoing multicast packets. | |||
1442 | */ | |||
1443 | if (m == NULL((void *)0)) { | |||
1444 | error = EINVAL22; | |||
1445 | break; | |||
1446 | } | |||
1447 | if (m->m_lenm_hdr.mh_len == sizeof(struct in_addr)) { | |||
1448 | addr = *(mtod(m, struct in_addr *)((struct in_addr *)((m)->m_hdr.mh_data))); | |||
1449 | } else if (m->m_lenm_hdr.mh_len == sizeof(struct ip_mreq) || | |||
1450 | m->m_lenm_hdr.mh_len == sizeof(struct ip_mreqn)) { | |||
1451 | memset(&mreqn, 0, sizeof(mreqn))__builtin_memset((&mreqn), (0), (sizeof(mreqn))); | |||
1452 | memcpy(&mreqn, mtod(m, void *), m->m_len)__builtin_memcpy((&mreqn), (((void *)((m)->m_hdr.mh_data ))), (m->m_hdr.mh_len)); | |||
1453 | ||||
1454 | /* | |||
1455 | * If an interface index is given use this | |||
1456 | * index to set the imo_ifidx but check first | |||
1457 | * that the interface actually exists. | |||
1458 | * In the other case just set the addr to | |||
1459 | * the imr_address and fall through to the | |||
1460 | * regular code. | |||
1461 | */ | |||
1462 | if (mreqn.imr_ifindex != 0) { | |||
1463 | ifp = if_get(mreqn.imr_ifindex); | |||
1464 | if (ifp == NULL((void *)0) || | |||
1465 | ifp->if_rdomainif_data.ifi_rdomain != rtable_l2(rtableid)) { | |||
1466 | error = EADDRNOTAVAIL49; | |||
1467 | if_put(ifp); | |||
1468 | break; | |||
1469 | } | |||
1470 | imo->imo_ifidx = ifp->if_index; | |||
1471 | if_put(ifp); | |||
1472 | break; | |||
1473 | } else | |||
1474 | addr = mreqn.imr_address; | |||
1475 | } else { | |||
1476 | error = EINVAL22; | |||
1477 | break; | |||
1478 | } | |||
1479 | /* | |||
1480 | * INADDR_ANY is used to remove a previous selection. | |||
1481 | * When no interface is selected, a default one is | |||
1482 | * chosen every time a multicast packet is sent. | |||
1483 | */ | |||
1484 | if (addr.s_addr == INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 ))))) { | |||
1485 | imo->imo_ifidx = 0; | |||
1486 | break; | |||
1487 | } | |||
1488 | /* | |||
1489 | * The selected interface is identified by its local | |||
1490 | * IP address. Find the interface and confirm that | |||
1491 | * it supports multicasting. | |||
1492 | */ | |||
1493 | memset(&sin, 0, sizeof(sin))__builtin_memset((&sin), (0), (sizeof(sin))); | |||
1494 | sin.sin_len = sizeof(sin); | |||
1495 | sin.sin_family = AF_INET2; | |||
1496 | sin.sin_addr = addr; | |||
1497 | ia = ifatoia(ifa_ifwithaddr(sintosa(&sin), rtableid)); | |||
1498 | if (ia == NULL((void *)0) || | |||
1499 | (ia->ia_ifpia_ifa.ifa_ifp->if_flags & IFF_MULTICAST0x8000) == 0) { | |||
1500 | error = EADDRNOTAVAIL49; | |||
1501 | break; | |||
1502 | } | |||
1503 | imo->imo_ifidx = ia->ia_ifpia_ifa.ifa_ifp->if_index; | |||
1504 | break; | |||
1505 | ||||
1506 | case IP_MULTICAST_TTL10: | |||
1507 | /* | |||
1508 | * Set the IP time-to-live for outgoing multicast packets. | |||
1509 | */ | |||
1510 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len != 1) { | |||
1511 | error = EINVAL22; | |||
1512 | break; | |||
1513 | } | |||
1514 | imo->imo_ttl = *(mtod(m, u_char *)((u_char *)((m)->m_hdr.mh_data))); | |||
1515 | break; | |||
1516 | ||||
1517 | case IP_MULTICAST_LOOP11: | |||
1518 | /* | |||
1519 | * Set the loopback flag for outgoing multicast packets. | |||
1520 | * Must be zero or one. | |||
1521 | */ | |||
1522 | if (m == NULL((void *)0) || m->m_lenm_hdr.mh_len != 1 || | |||
1523 | (loop = *(mtod(m, u_char *)((u_char *)((m)->m_hdr.mh_data)))) > 1) { | |||
1524 | error = EINVAL22; | |||
1525 | break; | |||
1526 | } | |||
1527 | imo->imo_loop = loop; | |||
1528 | break; | |||
1529 | ||||
1530 | case IP_ADD_MEMBERSHIP12: | |||
1531 | /* | |||
1532 | * Add a multicast group membership. | |||
1533 | * Group must be a valid IP multicast address. | |||
1534 | */ | |||
1535 | if (m == NULL((void *)0) || !(m->m_lenm_hdr.mh_len == sizeof(struct ip_mreq) || | |||
1536 | m->m_lenm_hdr.mh_len == sizeof(struct ip_mreqn))) { | |||
1537 | error = EINVAL22; | |||
1538 | break; | |||
1539 | } | |||
1540 | memset(&mreqn, 0, sizeof(mreqn))__builtin_memset((&mreqn), (0), (sizeof(mreqn))); | |||
1541 | memcpy(&mreqn, mtod(m, void *), m->m_len)__builtin_memcpy((&mreqn), (((void *)((m)->m_hdr.mh_data ))), (m->m_hdr.mh_len)); | |||
1542 | if (!IN_MULTICAST(mreqn.imr_multiaddr.s_addr)(((u_int32_t)(mreqn.imr_multiaddr.s_addr) & ((u_int32_t) ( __uint32_t)(__builtin_constant_p((u_int32_t)(0xf0000000)) ? ( __uint32_t)(((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff ) << 24 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff00 ) << 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff0000 ) >> 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff000000 ) >> 24) : __swap32md((u_int32_t)(0xf0000000))))) == (( u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xe0000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xe0000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xe0000000 )))))) { | |||
1543 | error = EINVAL22; | |||
1544 | break; | |||
1545 | } | |||
1546 | ||||
1547 | error = ip_multicast_if(&mreqn, rtableid, &ifidx); | |||
1548 | if (error) | |||
1549 | break; | |||
1550 | ||||
1551 | /* | |||
1552 | * See if we found an interface, and confirm that it | |||
1553 | * supports multicast. | |||
1554 | */ | |||
1555 | ifp = if_get(ifidx); | |||
1556 | if (ifp == NULL((void *)0) || ifp->if_rdomainif_data.ifi_rdomain != rtable_l2(rtableid) || | |||
1557 | (ifp->if_flags & IFF_MULTICAST0x8000) == 0) { | |||
1558 | error = EADDRNOTAVAIL49; | |||
1559 | if_put(ifp); | |||
1560 | break; | |||
1561 | } | |||
1562 | ||||
1563 | /* | |||
1564 | * See if the membership already exists or if all the | |||
1565 | * membership slots are full. | |||
1566 | */ | |||
1567 | for (i = 0; i < imo->imo_num_memberships; ++i) { | |||
1568 | if (imo->imo_membership[i]->inm_ifidxinm_ifma.ifma_ifidx == ifidx && | |||
1569 | imo->imo_membership[i]->inm_addrinm_sin.sin_addr.s_addr | |||
1570 | == mreqn.imr_multiaddr.s_addr) | |||
1571 | break; | |||
1572 | } | |||
1573 | if (i < imo->imo_num_memberships) { | |||
1574 | error = EADDRINUSE48; | |||
1575 | if_put(ifp); | |||
1576 | break; | |||
1577 | } | |||
1578 | if (imo->imo_num_memberships == imo->imo_max_memberships) { | |||
1579 | struct in_multi **nmships, **omships; | |||
1580 | size_t newmax; | |||
1581 | /* | |||
1582 | * Resize the vector to next power-of-two minus 1. If | |||
1583 | * the size would exceed the maximum then we know we've | |||
1584 | * really run out of entries. Otherwise, we reallocate | |||
1585 | * the vector. | |||
1586 | */ | |||
1587 | nmships = NULL((void *)0); | |||
1588 | omships = imo->imo_membership; | |||
1589 | newmax = ((imo->imo_max_memberships + 1) * 2) - 1; | |||
1590 | if (newmax <= IP_MAX_MEMBERSHIPS4095) { | |||
1591 | nmships = mallocarray(newmax, sizeof(*nmships), | |||
1592 | M_IPMOPTS53, M_NOWAIT0x0002|M_ZERO0x0008); | |||
1593 | if (nmships != NULL((void *)0)) { | |||
1594 | memcpy(nmships, omships,__builtin_memcpy((nmships), (omships), (sizeof(*omships) * imo ->imo_max_memberships)) | |||
1595 | sizeof(*omships) *__builtin_memcpy((nmships), (omships), (sizeof(*omships) * imo ->imo_max_memberships)) | |||
1596 | imo->imo_max_memberships)__builtin_memcpy((nmships), (omships), (sizeof(*omships) * imo ->imo_max_memberships)); | |||
1597 | free(omships, M_IPMOPTS53, | |||
1598 | sizeof(*omships) * | |||
1599 | imo->imo_max_memberships); | |||
1600 | imo->imo_membership = nmships; | |||
1601 | imo->imo_max_memberships = newmax; | |||
1602 | } | |||
1603 | } | |||
1604 | if (nmships == NULL((void *)0)) { | |||
1605 | error = ENOBUFS55; | |||
1606 | if_put(ifp); | |||
1607 | break; | |||
1608 | } | |||
1609 | } | |||
1610 | /* | |||
1611 | * Everything looks good; add a new record to the multicast | |||
1612 | * address list for the given interface. | |||
1613 | */ | |||
1614 | if ((imo->imo_membership[i] = | |||
1615 | in_addmulti(&mreqn.imr_multiaddr, ifp)) == NULL((void *)0)) { | |||
1616 | error = ENOBUFS55; | |||
1617 | if_put(ifp); | |||
1618 | break; | |||
1619 | } | |||
1620 | ++imo->imo_num_memberships; | |||
1621 | if_put(ifp); | |||
1622 | break; | |||
1623 | ||||
1624 | case IP_DROP_MEMBERSHIP13: | |||
1625 | /* | |||
1626 | * Drop a multicast group membership. | |||
1627 | * Group must be a valid IP multicast address. | |||
1628 | */ | |||
1629 | if (m == NULL((void *)0) || !(m->m_lenm_hdr.mh_len == sizeof(struct ip_mreq) || | |||
1630 | m->m_lenm_hdr.mh_len == sizeof(struct ip_mreqn))) { | |||
1631 | error = EINVAL22; | |||
1632 | break; | |||
1633 | } | |||
1634 | memset(&mreqn, 0, sizeof(mreqn))__builtin_memset((&mreqn), (0), (sizeof(mreqn))); | |||
1635 | memcpy(&mreqn, mtod(m, void *), m->m_len)__builtin_memcpy((&mreqn), (((void *)((m)->m_hdr.mh_data ))), (m->m_hdr.mh_len)); | |||
1636 | if (!IN_MULTICAST(mreqn.imr_multiaddr.s_addr)(((u_int32_t)(mreqn.imr_multiaddr.s_addr) & ((u_int32_t) ( __uint32_t)(__builtin_constant_p((u_int32_t)(0xf0000000)) ? ( __uint32_t)(((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff ) << 24 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff00 ) << 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff0000 ) >> 8 | ((__uint32_t)((u_int32_t)(0xf0000000)) & 0xff000000 ) >> 24) : __swap32md((u_int32_t)(0xf0000000))))) == (( u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0xe0000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0xe0000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0xe0000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0xe0000000 )))))) { | |||
1637 | error = EINVAL22; | |||
1638 | break; | |||
1639 | } | |||
1640 | ||||
1641 | /* | |||
1642 | * If an interface address was specified, get a pointer | |||
1643 | * to its ifnet structure. | |||
1644 | */ | |||
1645 | error = ip_multicast_if(&mreqn, rtableid, &ifidx); | |||
1646 | if (error) | |||
1647 | break; | |||
1648 | ||||
1649 | /* | |||
1650 | * Find the membership in the membership array. | |||
1651 | */ | |||
1652 | for (i = 0; i < imo->imo_num_memberships; ++i) { | |||
1653 | if ((ifidx == 0 || | |||
1654 | imo->imo_membership[i]->inm_ifidxinm_ifma.ifma_ifidx == ifidx) && | |||
1655 | imo->imo_membership[i]->inm_addrinm_sin.sin_addr.s_addr == | |||
1656 | mreqn.imr_multiaddr.s_addr) | |||
1657 | break; | |||
1658 | } | |||
1659 | if (i == imo->imo_num_memberships) { | |||
1660 | error = EADDRNOTAVAIL49; | |||
1661 | break; | |||
1662 | } | |||
1663 | /* | |||
1664 | * Give up the multicast address record to which the | |||
1665 | * membership points. | |||
1666 | */ | |||
1667 | in_delmulti(imo->imo_membership[i]); | |||
1668 | /* | |||
1669 | * Remove the gap in the membership array. | |||
1670 | */ | |||
1671 | for (++i; i < imo->imo_num_memberships; ++i) | |||
1672 | imo->imo_membership[i-1] = imo->imo_membership[i]; | |||
1673 | --imo->imo_num_memberships; | |||
1674 | break; | |||
1675 | ||||
1676 | default: | |||
1677 | error = EOPNOTSUPP45; | |||
1678 | break; | |||
1679 | } | |||
1680 | ||||
1681 | /* | |||
1682 | * If all options have default values, no need to keep the data. | |||
1683 | */ | |||
1684 | if (imo->imo_ifidx == 0 && | |||
1685 | imo->imo_ttl == IP_DEFAULT_MULTICAST_TTL1 && | |||
1686 | imo->imo_loop == IP_DEFAULT_MULTICAST_LOOP1 && | |||
1687 | imo->imo_num_memberships == 0) { | |||
1688 | free(imo->imo_membership , M_IPMOPTS53, | |||
1689 | imo->imo_max_memberships * sizeof(struct in_multi *)); | |||
1690 | free(*imop, M_IPMOPTS53, sizeof(**imop)); | |||
1691 | *imop = NULL((void *)0); | |||
1692 | } | |||
1693 | ||||
1694 | return (error); | |||
1695 | } | |||
1696 | ||||
1697 | /* | |||
1698 | * Return the IP multicast options in response to user getsockopt(). | |||
1699 | */ | |||
1700 | int | |||
1701 | ip_getmoptions(int optname, struct ip_moptions *imo, struct mbuf *m) | |||
1702 | { | |||
1703 | u_char *ttl; | |||
1704 | u_char *loop; | |||
1705 | struct in_addr *addr; | |||
1706 | struct in_ifaddr *ia; | |||
1707 | struct ifnet *ifp; | |||
1708 | ||||
1709 | switch (optname) { | |||
1710 | ||||
1711 | case IP_MULTICAST_IF9: | |||
1712 | addr = mtod(m, struct in_addr *)((struct in_addr *)((m)->m_hdr.mh_data)); | |||
1713 | m->m_lenm_hdr.mh_len = sizeof(struct in_addr); | |||
1714 | if (imo == NULL((void *)0) || (ifp = if_get(imo->imo_ifidx)) == NULL((void *)0)) | |||
1715 | addr->s_addr = INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 )))); | |||
1716 | else { | |||
1717 | IFP_TO_IA(ifp, ia)do { struct ifaddr *ifa; do { int _s = rw_status(&netlock ); if ((splassert_ctl > 0) && (_s != 0x0001UL && _s != 0x0002UL)) splassert_fail(0x0002UL, _s, __func__); } while (0); for((ifa) = ((&(ifp)->if_addrlist)->tqh_first ); (ifa) != ((void *)0); (ifa) = ((ifa)->ifa_list.tqe_next )) { if (ifa->ifa_addr->sa_family == 2) break; } (ia) = ifatoia(ifa); } while ( 0); | |||
1718 | addr->s_addr = (ia == NULL((void *)0)) ? INADDR_ANY((u_int32_t) (__uint32_t)(__builtin_constant_p((u_int32_t)(0x00000000 )) ? (__uint32_t)(((__uint32_t)((u_int32_t)(0x00000000)) & 0xff) << 24 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff00) << 8 | ((__uint32_t)((u_int32_t)(0x00000000)) & 0xff0000) >> 8 | ((__uint32_t)((u_int32_t)(0x00000000) ) & 0xff000000) >> 24) : __swap32md((u_int32_t)(0x00000000 )))) | |||
1719 | : ia->ia_addr.sin_addr.s_addr; | |||
1720 | if_put(ifp); | |||
1721 | } | |||
1722 | return (0); | |||
1723 | ||||
1724 | case IP_MULTICAST_TTL10: | |||
1725 | ttl = mtod(m, u_char *)((u_char *)((m)->m_hdr.mh_data)); | |||
1726 | m->m_lenm_hdr.mh_len = 1; | |||
1727 | *ttl = (imo == NULL((void *)0)) ? IP_DEFAULT_MULTICAST_TTL1 | |||
1728 | : imo->imo_ttl; | |||
1729 | return (0); | |||
1730 | ||||
1731 | case IP_MULTICAST_LOOP11: | |||
1732 | loop = mtod(m, u_char *)((u_char *)((m)->m_hdr.mh_data)); | |||
1733 | m->m_lenm_hdr.mh_len = 1; | |||
1734 | *loop = (imo == NULL((void *)0)) ? IP_DEFAULT_MULTICAST_LOOP1 | |||
1735 | : imo->imo_loop; | |||
1736 | return (0); | |||
1737 | ||||
1738 | default: | |||
1739 | return (EOPNOTSUPP45); | |||
1740 | } | |||
1741 | } | |||
1742 | ||||
1743 | /* | |||
1744 | * Discard the IP multicast options. | |||
1745 | */ | |||
1746 | void | |||
1747 | ip_freemoptions(struct ip_moptions *imo) | |||
1748 | { | |||
1749 | int i; | |||
1750 | ||||
1751 | if (imo != NULL((void *)0)) { | |||
1752 | for (i = 0; i < imo->imo_num_memberships; ++i) | |||
1753 | in_delmulti(imo->imo_membership[i]); | |||
1754 | free(imo->imo_membership, M_IPMOPTS53, | |||
1755 | imo->imo_max_memberships * sizeof(struct in_multi *)); | |||
1756 | free(imo, M_IPMOPTS53, sizeof(*imo)); | |||
1757 | } | |||
1758 | } | |||
1759 | ||||
1760 | /* | |||
1761 | * Routine called from ip_output() to loop back a copy of an IP multicast | |||
1762 | * packet to the input queue of a specified interface. | |||
1763 | */ | |||
1764 | void | |||
1765 | ip_mloopback(struct ifnet *ifp, struct mbuf *m, struct sockaddr_in *dst) | |||
1766 | { | |||
1767 | struct mbuf *copym; | |||
1768 | ||||
1769 | copym = m_dup_pkt(m, max_linkhdr, M_DONTWAIT0x0002); | |||
1770 | if (copym != NULL((void *)0)) { | |||
1771 | /* | |||
1772 | * We don't bother to fragment if the IP length is greater | |||
1773 | * than the interface's MTU. Can this possibly matter? | |||
1774 | */ | |||
1775 | in_hdr_cksum_out(copym, NULL((void *)0)); | |||
1776 | if_input_local(ifp, copym, dst->sin_family); | |||
1777 | } | |||
1778 | } | |||
1779 | ||||
1780 | void | |||
1781 | in_hdr_cksum_out(struct mbuf *m, struct ifnet *ifp) | |||
1782 | { | |||
1783 | struct ip *ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
1784 | ||||
1785 | ip->ip_sum = 0; | |||
1786 | if (in_ifcap_cksum(m, ifp, IFCAP_CSUM_IPv40x00000001)) { | |||
1787 | SET(m->m_pkthdr.csum_flags, M_IPV4_CSUM_OUT)((m->M_dat.MH.MH_pkthdr.csum_flags) |= (0x0001)); | |||
1788 | } else { | |||
1789 | ipstat_inc(ips_outswcsum); | |||
1790 | ip->ip_sum = in_cksum(m, ip->ip_hl << 2); | |||
1791 | CLR(m->m_pkthdr.csum_flags, M_IPV4_CSUM_OUT)((m->M_dat.MH.MH_pkthdr.csum_flags) &= ~(0x0001)); | |||
1792 | } | |||
1793 | } | |||
1794 | ||||
1795 | /* | |||
1796 | * Compute significant parts of the IPv4 checksum pseudo-header | |||
1797 | * for use in a delayed TCP/UDP checksum calculation. | |||
1798 | */ | |||
1799 | static u_int16_t | |||
1800 | in_cksum_phdr(u_int32_t src, u_int32_t dst, u_int32_t lenproto) | |||
1801 | { | |||
1802 | u_int32_t sum; | |||
1803 | ||||
1804 | sum = lenproto + | |||
1805 | (u_int16_t)(src >> 16) + | |||
1806 | (u_int16_t)(src /*& 0xffff*/) + | |||
1807 | (u_int16_t)(dst >> 16) + | |||
1808 | (u_int16_t)(dst /*& 0xffff*/); | |||
1809 | ||||
1810 | sum = (u_int16_t)(sum >> 16) + (u_int16_t)(sum /*& 0xffff*/); | |||
1811 | ||||
1812 | if (sum > 0xffff) | |||
1813 | sum -= 0xffff; | |||
1814 | ||||
1815 | return (sum); | |||
1816 | } | |||
1817 | ||||
1818 | /* | |||
1819 | * Process a delayed payload checksum calculation. | |||
1820 | */ | |||
1821 | void | |||
1822 | in_delayed_cksum(struct mbuf *m) | |||
1823 | { | |||
1824 | struct ip *ip; | |||
1825 | u_int16_t csum, offset; | |||
1826 | ||||
1827 | ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
1828 | offset = ip->ip_hl << 2; | |||
1829 | csum = in4_cksum(m, 0, offset, m->m_pkthdrM_dat.MH.MH_pkthdr.len - offset); | |||
1830 | if (csum == 0 && ip->ip_p == IPPROTO_UDP17) | |||
1831 | csum = 0xffff; | |||
1832 | ||||
1833 | switch (ip->ip_p) { | |||
1834 | case IPPROTO_TCP6: | |||
1835 | offset += offsetof(struct tcphdr, th_sum)__builtin_offsetof(struct tcphdr, th_sum); | |||
1836 | break; | |||
1837 | ||||
1838 | case IPPROTO_UDP17: | |||
1839 | offset += offsetof(struct udphdr, uh_sum)__builtin_offsetof(struct udphdr, uh_sum); | |||
1840 | break; | |||
1841 | ||||
1842 | case IPPROTO_ICMP1: | |||
1843 | offset += offsetof(struct icmp, icmp_cksum)__builtin_offsetof(struct icmp, icmp_cksum); | |||
1844 | break; | |||
1845 | ||||
1846 | default: | |||
1847 | return; | |||
1848 | } | |||
1849 | ||||
1850 | if ((offset + sizeof(u_int16_t)) > m->m_lenm_hdr.mh_len) | |||
1851 | m_copyback(m, offset, sizeof(csum), &csum, M_NOWAIT0x0002); | |||
1852 | else | |||
1853 | *(u_int16_t *)(mtod(m, caddr_t)((caddr_t)((m)->m_hdr.mh_data)) + offset) = csum; | |||
1854 | } | |||
1855 | ||||
1856 | void | |||
1857 | in_proto_cksum_out(struct mbuf *m, struct ifnet *ifp) | |||
1858 | { | |||
1859 | struct ip *ip = mtod(m, struct ip *)((struct ip *)((m)->m_hdr.mh_data)); | |||
1860 | ||||
1861 | /* some hw and in_delayed_cksum need the pseudo header cksum */ | |||
1862 | if (m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags & | |||
1863 | (M_TCP_CSUM_OUT0x0002|M_UDP_CSUM_OUT0x0004|M_ICMP_CSUM_OUT0x0200)) { | |||
1864 | u_int16_t csum = 0, offset; | |||
1865 | ||||
1866 | offset = ip->ip_hl << 2; | |||
1867 | if (ISSET(m->m_pkthdr.csum_flags, M_TCP_TSO)((m->M_dat.MH.MH_pkthdr.csum_flags) & (0x8000)) && | |||
1868 | in_ifcap_cksum(m, ifp, IFCAP_TSOv40x00001000)) { | |||
1869 | csum = in_cksum_phdr(ip->ip_src.s_addr, | |||
1870 | ip->ip_dst.s_addr, htonl(ip->ip_p)(__uint32_t)(__builtin_constant_p(ip->ip_p) ? (__uint32_t) (((__uint32_t)(ip->ip_p) & 0xff) << 24 | ((__uint32_t )(ip->ip_p) & 0xff00) << 8 | ((__uint32_t)(ip-> ip_p) & 0xff0000) >> 8 | ((__uint32_t)(ip->ip_p) & 0xff000000) >> 24) : __swap32md(ip->ip_p))); | |||
1871 | } else if (ISSET(m->m_pkthdr.csum_flags,((m->M_dat.MH.MH_pkthdr.csum_flags) & (0x0002|0x0004)) | |||
1872 | M_TCP_CSUM_OUT|M_UDP_CSUM_OUT)((m->M_dat.MH.MH_pkthdr.csum_flags) & (0x0002|0x0004))) { | |||
1873 | csum = in_cksum_phdr(ip->ip_src.s_addr, | |||
1874 | ip->ip_dst.s_addr, htonl(ntohs(ip->ip_len) -(__uint32_t)(__builtin_constant_p((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) ? (__uint32_t)(((__uint32_t)((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) & 0xff) << 24 | ((__uint32_t)((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) & 0xff00) << 8 | ((__uint32_t)((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) & 0xff0000) >> 8 | ((__uint32_t)((__uint16_t) (__builtin_constant_p(ip->ip_len) ? (__uint16_t)(((__uint16_t )(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip-> ip_len) & 0xff00U) >> 8) : __swap16md(ip->ip_len )) - offset + ip->ip_p) & 0xff000000) >> 24) : __swap32md ((__uint16_t)(__builtin_constant_p(ip->ip_len) ? (__uint16_t )(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t )(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip-> ip_len)) - offset + ip->ip_p)) | |||
1875 | offset + ip->ip_p)(__uint32_t)(__builtin_constant_p((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) ? (__uint32_t)(((__uint32_t)((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) & 0xff) << 24 | ((__uint32_t)((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) & 0xff00) << 8 | ((__uint32_t)((__uint16_t)(__builtin_constant_p (ip->ip_len) ? (__uint16_t)(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip->ip_len) & 0xff00U ) >> 8) : __swap16md(ip->ip_len)) - offset + ip-> ip_p) & 0xff0000) >> 8 | ((__uint32_t)((__uint16_t) (__builtin_constant_p(ip->ip_len) ? (__uint16_t)(((__uint16_t )(ip->ip_len) & 0xffU) << 8 | ((__uint16_t)(ip-> ip_len) & 0xff00U) >> 8) : __swap16md(ip->ip_len )) - offset + ip->ip_p) & 0xff000000) >> 24) : __swap32md ((__uint16_t)(__builtin_constant_p(ip->ip_len) ? (__uint16_t )(((__uint16_t)(ip->ip_len) & 0xffU) << 8 | ((__uint16_t )(ip->ip_len) & 0xff00U) >> 8) : __swap16md(ip-> ip_len)) - offset + ip->ip_p))); | |||
1876 | } | |||
1877 | if (ip->ip_p == IPPROTO_TCP6) | |||
1878 | offset += offsetof(struct tcphdr, th_sum)__builtin_offsetof(struct tcphdr, th_sum); | |||
1879 | else if (ip->ip_p == IPPROTO_UDP17) | |||
1880 | offset += offsetof(struct udphdr, uh_sum)__builtin_offsetof(struct udphdr, uh_sum); | |||
1881 | else if (ip->ip_p == IPPROTO_ICMP1) | |||
1882 | offset += offsetof(struct icmp, icmp_cksum)__builtin_offsetof(struct icmp, icmp_cksum); | |||
1883 | if ((offset + sizeof(u_int16_t)) > m->m_lenm_hdr.mh_len) | |||
1884 | m_copyback(m, offset, sizeof(csum), &csum, M_NOWAIT0x0002); | |||
1885 | else | |||
1886 | *(u_int16_t *)(mtod(m, caddr_t)((caddr_t)((m)->m_hdr.mh_data)) + offset) = csum; | |||
1887 | } | |||
1888 | ||||
1889 | if (m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags & M_TCP_CSUM_OUT0x0002) { | |||
1890 | if (!in_ifcap_cksum(m, ifp, IFCAP_CSUM_TCPv40x00000002) || | |||
1891 | ip->ip_hl != 5) { | |||
1892 | tcpstat_inc(tcps_outswcsum); | |||
1893 | in_delayed_cksum(m); | |||
1894 | m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags &= ~M_TCP_CSUM_OUT0x0002; /* Clear */ | |||
1895 | } | |||
1896 | } else if (m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags & M_UDP_CSUM_OUT0x0004) { | |||
1897 | if (!in_ifcap_cksum(m, ifp, IFCAP_CSUM_UDPv40x00000004) || | |||
1898 | ip->ip_hl != 5) { | |||
1899 | udpstat_inc(udps_outswcsum); | |||
1900 | in_delayed_cksum(m); | |||
1901 | m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags &= ~M_UDP_CSUM_OUT0x0004; /* Clear */ | |||
1902 | } | |||
1903 | } else if (m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags & M_ICMP_CSUM_OUT0x0200) { | |||
1904 | in_delayed_cksum(m); | |||
1905 | m->m_pkthdrM_dat.MH.MH_pkthdr.csum_flags &= ~M_ICMP_CSUM_OUT0x0200; /* Clear */ | |||
1906 | } | |||
1907 | } | |||
1908 | ||||
1909 | int | |||
1910 | in_ifcap_cksum(struct mbuf *m, struct ifnet *ifp, int ifcap) | |||
1911 | { | |||
1912 | if ((ifp == NULL((void *)0)) || | |||
1913 | !ISSET(ifp->if_capabilities, ifcap)((ifp->if_data.ifi_capabilities) & (ifcap)) || | |||
1914 | (ifp->if_bridgeidx != 0)) | |||
1915 | return (0); | |||
1916 | /* | |||
1917 | * Simplex interface sends packet back without hardware cksum. | |||
1918 | * Keep this check in sync with the condition where ether_resolve() | |||
1919 | * calls if_input_local(). | |||
1920 | */ | |||
1921 | if (ISSET(m->m_flags, M_BCAST)((m->m_hdr.mh_flags) & (0x0100)) && | |||
1922 | ISSET(ifp->if_flags, IFF_SIMPLEX)((ifp->if_flags) & (0x800)) && | |||
1923 | !m->m_pkthdrM_dat.MH.MH_pkthdr.pf.routed) | |||
1924 | return (0); | |||
1925 | return (1); | |||
1926 | } |