Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.82.2.7 retrieving revision 1.96 diff -u -p -r1.82.2.7 -r1.96 --- src/sys/netinet/ip_input.c 2001/05/30 09:44:09 1.82.2.7 +++ src/sys/netinet/ip_input.c 2000/02/01 00:07:09 1.96 @@ -1,4 +1,33 @@ -/* $NetBSD: ip_input.c,v 1.82.2.7 2001/05/30 09:44:09 he Exp $ */ +/* $NetBSD: ip_input.c,v 1.96 2000/02/01 00:07:09 thorpej Exp $ */ + +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -74,6 +103,7 @@ #include "opt_gateway.h" #include "opt_pfil_hooks.h" +#include "opt_ipsec.h" #include "opt_mrouting.h" #include @@ -105,6 +135,15 @@ #include #include #include +/* just for gif_ttl */ +#include +#include "gif.h" + +#ifdef IPSEC +#include +#include +#include +#endif #ifndef IPFORWARDING #ifdef GATEWAY @@ -167,8 +206,6 @@ int ip_defttl; struct ipqhead ipq; int ipq_locked; -int ip_nfragpackets = 0; -int ip_maxfragpackets = 200; static __inline int ipq_lock_try __P((void)); static __inline void ipq_unlock __P((void)); @@ -280,39 +317,57 @@ struct sockaddr_in ipaddr = { sizeof(ipa struct route ipforward_rt; /* + * IP software interrupt routine + */ +void +ipintr() +{ + int s; + struct mbuf *m; + + while (1) { + s = splimp(); + IF_DEQUEUE(&ipintrq, m); + splx(s); + if (m == 0) + return; + ip_input(m); + } +} + +/* * Ip input routine. Checksum and byte swap header. If fragmented * try to reassemble. Process options. Pass to next level. */ void -ipintr() +ip_input(struct mbuf *m) { register struct ip *ip = NULL; - register struct mbuf *m; register struct ipq *fp; register struct in_ifaddr *ia; register struct ifaddr *ifa; struct ipqent *ipqe; - int hlen = 0, mff, len, s; + int hlen = 0, mff, len; #ifdef PFIL_HOOKS struct packet_filter_hook *pfh; struct mbuf *m0; int rv; #endif /* PFIL_HOOKS */ -next: - /* - * Get next datagram off input queue and get IP header - * in first mbuf. - */ - s = splimp(); - IF_DEQUEUE(&ipintrq, m); - splx(s); - if (m == 0) - return; #ifdef DIAGNOSTIC if ((m->m_flags & M_PKTHDR) == 0) panic("ipintr no HDR"); #endif +#ifdef IPSEC + /* + * should the inner packet be considered authentic? + * see comment in ah4_input(). + */ + if (m) { + m->m_flags &= ~M_AUTHIPHDR; + m->m_flags &= ~M_AUTHIPDGM; + } +#endif /* * If no IP addresses have been set yet but the interfaces * are receiving, can't do anything with incoming packets yet. @@ -323,7 +378,7 @@ next: if (m->m_len < sizeof (struct ip) && (m = m_pullup(m, sizeof (struct ip))) == 0) { ipstat.ips_toosmall++; - goto next; + return; } ip = mtod(m, struct ip *); if (ip->ip_v != IPVERSION) { @@ -338,17 +393,15 @@ next: if (hlen > m->m_len) { if ((m = m_pullup(m, hlen)) == 0) { ipstat.ips_badhlen++; - goto next; + return; } ip = mtod(m, struct ip *); } - /* - * RFC1122: packets with a multicast source address are - * not allowed. + * we drop packets that have a multicast address as source + * as wanted by rfc 1112 */ if (IN_MULTICAST(ip->ip_src.s_addr)) { - /* XXX stat */ goto bad; } @@ -367,8 +420,7 @@ next: /* * Check for additional length bogosity */ - if (len < hlen) - { + if (len < hlen) { ipstat.ips_badlen++; goto bad; } @@ -391,11 +443,16 @@ next: m_adj(m, len - m->m_pkthdr.len); } +#ifdef IPSEC + /* ipflow (IP fast fowarding) is not compatible with IPsec. */ + m->m_flags &= ~M_CANFASTFWD; +#else /* * Assume that we can create a fast-forward IP flow entry * based on this packet. */ m->m_flags |= M_CANFASTFWD; +#endif #ifdef PFIL_HOOKS /* @@ -410,10 +467,10 @@ next: if (pfh->pfil_func) { rv = pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 0, &m0); if (rv) - goto next; + return; m = m0; if (m == NULL) - goto next; + return; ip = mtod(m, struct ip *); } #endif /* PFIL_HOOKS */ @@ -426,7 +483,7 @@ next: */ ip_nhops = 0; /* for source routed packets */ if (hlen > sizeof (struct ip) && ip_dooptions(m)) - goto next; + return; /* * Check our list of addresses, to see if the packet is for us. @@ -464,7 +521,7 @@ next: if (m->m_flags & M_EXT) { if ((m = m_pullup(m, hlen)) == 0) { ipstat.ips_toosmall++; - goto next; + return; } ip = mtod(m, struct ip *); } @@ -485,7 +542,7 @@ next: if (ip_mforward(m, m->m_pkthdr.rcvif) != 0) { ipstat.ips_cantforward++; m_freem(m); - goto next; + return; } /* @@ -506,7 +563,7 @@ next: if (inm == NULL) { ipstat.ips_cantforward++; m_freem(m); - goto next; + return; } goto ours; } @@ -522,7 +579,7 @@ next: m_freem(m); } else ip_forward(m, 0); - goto next; + return; ours: /* @@ -586,7 +643,7 @@ found: m = ip_reass(ipqe, fp); if (m == 0) { IPQ_UNLOCK(); - goto next; + return; } ipstat.ips_reassembled++; ip = mtod(m, struct ip *); @@ -605,11 +662,14 @@ found: ia->ia_ifa.ifa_data.ifad_inbytes += ip->ip_len; #endif ipstat.ips_delivered++; - (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen); - goto next; + { + int off = hlen, nh = ip->ip_p; + + (*inetsw[ip_protox[nh]].pr_input)(m, off, nh); + return; + } bad: m_freem(m); - goto next; } /* @@ -643,17 +703,6 @@ ip_reass(ipqe, fp) * If first fragment to arrive, create a reassembly queue. */ if (fp == 0) { - /* - * Enforce upper bound on number of fragmented packets - * for which we attempt reassembly; - * If maxfrag is 0, never accept fragments. - * If maxfrag is -1, accept all fragments without limitation. - */ - if (ip_maxfragpackets < 0) - ; - else if (ip_nfragpackets >= ip_maxfragpackets) - goto dropfrag; - ip_nfragpackets++; MALLOC(fp, struct ipq *, sizeof (struct ipq), M_FTABLE, M_NOWAIT); if (fp == NULL) @@ -765,11 +814,12 @@ insert: * Make header visible. */ ip->ip_len = next; + ip->ip_ttl = 0; /* xxx */ + ip->ip_sum = 0; ip->ip_src = fp->ipq_src; ip->ip_dst = fp->ipq_dst; LIST_REMOVE(fp, ipq_q); FREE(fp, M_FTABLE); - ip_nfragpackets--; m->m_len += (ip->ip_hl << 2); m->m_data -= (ip->ip_hl << 2); /* some debugging cruft by sklower, below, will go away soon */ @@ -808,7 +858,6 @@ ip_freef(fp) } LIST_REMOVE(fp, ipq_q); FREE(fp, M_FTABLE); - ip_nfragpackets--; } /* @@ -830,17 +879,6 @@ ip_slowtimo() ip_freef(fp); } } - /* - * If we are over the maximum number of fragments - * (due to the limit being lowered), drain off - * enough to get down to the new limit. - */ - if (ip_maxfragpackets < 0) - ; - else { - while (ip_nfragpackets > ip_maxfragpackets && ipq.lh_first) - ip_freef(ipq.lh_first); - } IPQ_UNLOCK(); #ifdef GATEWAY ipflow_slowtimo(); @@ -882,11 +920,11 @@ ip_dooptions(m) struct mbuf *m; { register struct ip *ip = mtod(m, struct ip *); - register u_char *cp, *cp0; + register u_char *cp; register struct ip_timestamp *ipt; register struct in_ifaddr *ia; int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0; - struct in_addr dst; + struct in_addr *sin, dst; n_time ntime; dst = ip->ip_dst; @@ -945,7 +983,7 @@ ip_dooptions(m) break; } off--; /* 0 origin */ - if ((off + sizeof(struct in_addr)) > optlen) { + if (off > optlen - sizeof(struct in_addr)) { /* * End of source route. Should be for us. */ @@ -957,11 +995,9 @@ ip_dooptions(m) */ bcopy((caddr_t)(cp + off), (caddr_t)&ipaddr.sin_addr, sizeof(ipaddr.sin_addr)); - if (opt == IPOPT_SSRR) { -#define INA struct in_ifaddr * -#define SA struct sockaddr * - ia = (INA)ifa_ifwithladdr((SA)&ipaddr); - } else + if (opt == IPOPT_SSRR) + ia = ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))); + else ia = ip_rtaddr(ipaddr.sin_addr); if (ia == 0) { type = ICMP_UNREACH; @@ -987,7 +1023,7 @@ ip_dooptions(m) * If no space remains, ignore. */ off--; /* 0 origin */ - if ((off + sizeof(struct in_addr)) > optlen) + if (off > optlen - sizeof(struct in_addr)) break; bcopy((caddr_t)(&ip->ip_dst), (caddr_t)&ipaddr.sin_addr, sizeof(ipaddr.sin_addr)); @@ -995,8 +1031,9 @@ ip_dooptions(m) * locate outgoing interface; if we're the destination, * use the incoming interface (should be same). */ - if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) == 0 && - (ia = ip_rtaddr(ipaddr.sin_addr)) == 0) { + if ((ia = ifatoia(ifa_ifwithaddr(sintosa(&ipaddr)))) + == NULL && + (ia = ip_rtaddr(ipaddr.sin_addr)) == NULL) { type = ICMP_UNREACH; code = ICMP_UNREACH_HOST; goto bad; @@ -1016,7 +1053,7 @@ ip_dooptions(m) goto bad; break; } - cp0 = (cp + ipt->ipt_ptr - 1); + sin = (struct in_addr *)(cp + ipt->ipt_ptr - 1); switch (ipt->ipt_flg) { case IPOPT_TS_TSONLY: @@ -1027,12 +1064,12 @@ ip_dooptions(m) sizeof(struct in_addr) > ipt->ipt_len) goto bad; ipaddr.sin_addr = dst; - ia = (INA)ifaof_ifpforaddr((SA)&ipaddr, - m->m_pkthdr.rcvif); + ia = ifatoia(ifaof_ifpforaddr(sintosa(&ipaddr), + m->m_pkthdr.rcvif)); if (ia == 0) continue; - bcopy(&ia->ia_addr.sin_addr, - cp0, sizeof(struct in_addr)); + bcopy((caddr_t)&ia->ia_addr.sin_addr, + (caddr_t)sin, sizeof(struct in_addr)); ipt->ipt_ptr += sizeof(struct in_addr); break; @@ -1040,9 +1077,10 @@ ip_dooptions(m) if (ipt->ipt_ptr - 1 + sizeof(n_time) + sizeof(struct in_addr) > ipt->ipt_len) goto bad; - bcopy(cp0, &ipaddr.sin_addr, + bcopy((caddr_t)sin, (caddr_t)&ipaddr.sin_addr, sizeof(struct in_addr)); - if (ifa_ifwithaddr((SA)&ipaddr) == 0) + if (ifatoia(ifa_ifwithaddr(sintosa(&ipaddr))) + == NULL) continue; ipt->ipt_ptr += sizeof(struct in_addr); break; @@ -1051,8 +1089,7 @@ ip_dooptions(m) goto bad; } ntime = iptime(); - cp0 = (u_char *) &ntime; /* XXX GCC BUG */ - bcopy(cp0, (caddr_t)cp + ipt->ipt_ptr - 1, + bcopy((caddr_t)&ntime, (caddr_t)cp + ipt->ipt_ptr - 1, sizeof(n_time)); ipt->ipt_ptr += sizeof(n_time); } @@ -1116,7 +1153,7 @@ save_rte(option, dst) #ifdef DIAGNOSTIC if (ipprintfs) printf("save_rte: olen %d\n", olen); -#endif +#endif /* 0 */ if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst))) return; bcopy((caddr_t)option, (caddr_t)ip_srcrt.srcopt, olen); @@ -1256,6 +1293,9 @@ ip_forward(m, srcrt) struct mbuf *mcopy; n_long dest; struct ifnet *destifp; +#ifdef IPSEC + struct ifnet dummyifp; +#endif dest = 0; #ifdef DIAGNOSTIC @@ -1333,6 +1373,9 @@ ip_forward(m, srcrt) } } +#ifdef IPSEC + m->m_pkthdr.rcvif = NULL; +#endif /*IPSEC*/ error = ip_output(m, (struct mbuf *)0, &ipforward_rt, (IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)), 0); if (error) @@ -1374,8 +1417,61 @@ ip_forward(m, srcrt) case EMSGSIZE: type = ICMP_UNREACH; code = ICMP_UNREACH_NEEDFRAG; +#ifndef IPSEC if (ipforward_rt.ro_rt) destifp = ipforward_rt.ro_rt->rt_ifp; +#else + /* + * If the packet is routed over IPsec tunnel, tell the + * originator the tunnel MTU. + * tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz + * XXX quickhack!!! + */ + if (ipforward_rt.ro_rt) { + struct secpolicy *sp; + int ipsecerror; + size_t ipsechdr; + struct route *ro; + + sp = ipsec4_getpolicybyaddr(mcopy, + IPSEC_DIR_OUTBOUND, + IP_FORWARDING, + &ipsecerror); + + if (sp == NULL) + destifp = ipforward_rt.ro_rt->rt_ifp; + else { + /* count IPsec header size */ + ipsechdr = ipsec4_hdrsiz(mcopy, + IPSEC_DIR_OUTBOUND, + NULL); + + /* + * find the correct route for outer IPv4 + * header, compute tunnel MTU. + * + * XXX BUG ALERT + * The "dummyifp" code relies upon the fact + * that icmp_error() touches only ifp->if_mtu. + */ + /*XXX*/ + destifp = NULL; + if (sp->req != NULL + && sp->req->sav != NULL + && sp->req->sav->sah != NULL) { + ro = &sp->req->sav->sah->sa_route; + if (ro->ro_rt && ro->ro_rt->rt_ifp) { + dummyifp.if_mtu = + ro->ro_rt->rt_ifp->if_mtu; + dummyifp.if_mtu -= ipsechdr; + destifp = &dummyifp; + } + } + + key_freesp(sp); + } + } +#endif /*IPSEC*/ ipstat.ips_cantfrag++; break; @@ -1456,7 +1552,7 @@ ip_sysctl(name, namelen, oldp, oldlenp, void *newp; size_t newlen; { - extern int subnetsarelocal; + extern int subnetsarelocal, hostzeroisbroadcast; int error, old; @@ -1548,10 +1644,14 @@ ip_sysctl(name, namelen, oldp, oldlenp, return (error); } #endif - - case IPCTL_MAXFRAGPACKETS: + case IPCTL_HOSTZEROBROADCAST: return (sysctl_int(oldp, oldlenp, newp, newlen, - &ip_maxfragpackets)); + &hostzeroisbroadcast)); +#if NGIF > 0 + case IPCTL_GIF_TTL: + return(sysctl_int(oldp, oldlenp, newp, newlen, + &ip_gif_ttl)); +#endif default: return (EOPNOTSUPP);