| version 1.193, 2018/02/24 07:37:09 |
version 1.193.2.5, 2018/05/21 04:36:16 |
| Line 123 __KERNEL_RCSID(0, "$NetBSD$"); |
|
| Line 123 __KERNEL_RCSID(0, "$NetBSD$"); |
|
| |
|
| #include "faith.h" |
#include "faith.h" |
| |
|
| #include <net/net_osdep.h> |
|
| |
|
| extern struct domain inet6domain; |
extern struct domain inet6domain; |
| |
|
| u_char ip6_protox[IPPROTO_MAX]; |
u_char ip6_protox[IPPROTO_MAX]; |
| Line 138 percpu_t *ip6_forward_rt_percpu __cachel |
|
| Line 136 percpu_t *ip6_forward_rt_percpu __cachel |
|
| |
|
| static void ip6_init2(void); |
static void ip6_init2(void); |
| static void ip6intr(void *); |
static void ip6intr(void *); |
| |
static bool ip6_badaddr(struct ip6_hdr *); |
| static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); |
static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *); |
| |
|
| static int ip6_process_hopopts(struct mbuf *, u_int8_t *, int, u_int32_t *, |
static int ip6_process_hopopts(struct mbuf *, u_int8_t *, int, u_int32_t *, |
| Line 320 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 319 ip6_input(struct mbuf *m, struct ifnet * |
|
| goto bad; |
goto bad; |
| } |
} |
| |
|
| |
if (ip6_badaddr(ip6)) { |
| |
IP6_STATINC(IP6_STAT_BADSCOPE); |
| |
in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
| |
goto bad; |
| |
} |
| |
|
| /* |
/* |
| * Assume that we can create a fast-forward IP flow entry |
* Assume that we can create a fast-forward IP flow entry |
| * based on this packet. |
* based on this packet. |
| Line 332 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 337 ip6_input(struct mbuf *m, struct ifnet * |
|
| * not fast-forwarded, they must clear the M_CANFASTFWD flag. |
* not fast-forwarded, they must clear the M_CANFASTFWD flag. |
| * Note that filters must _never_ set this flag, as another filter |
* Note that filters must _never_ set this flag, as another filter |
| * in the list may have previously cleared it. |
* in the list may have previously cleared it. |
| */ |
* |
| /* |
* Don't call hooks if the packet has already been processed by |
| * let ipfilter look at packet on the wire, |
* IPsec (encapsulated, tunnel mode). |
| * not the decapsulated packet. |
|
| */ |
*/ |
| #if defined(IPSEC) |
#if defined(IPSEC) |
| if (!ipsec_used || !ipsec_indone(m)) |
if (!ipsec_used || !ipsec_indone(m)) |
| Line 350 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 354 ip6_input(struct mbuf *m, struct ifnet * |
|
| return; |
return; |
| if (m == NULL) |
if (m == NULL) |
| return; |
return; |
| |
KASSERT(m->m_len >= sizeof(struct ip6_hdr)); |
| ip6 = mtod(m, struct ip6_hdr *); |
ip6 = mtod(m, struct ip6_hdr *); |
| srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); |
srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst); |
| } |
} |
| Line 369 ip6_input(struct mbuf *m, struct ifnet * |
|
| Line 374 ip6_input(struct mbuf *m, struct ifnet * |
|
| #endif |
#endif |
| |
|
| /* |
/* |
| * Check against address spoofing/corruption. |
|
| */ |
|
| if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || |
|
| IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { |
|
| /* |
|
| * XXX: "badscope" is not very suitable for a multicast source. |
|
| */ |
|
| IP6_STATINC(IP6_STAT_BADSCOPE); |
|
| in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
|
| goto bad; |
|
| } |
|
| |
|
| /* |
|
| * The following check is not documented in specs. A malicious |
|
| * party may be able to use IPv4 mapped addr to confuse tcp/udp stack |
|
| * and bypass security checks (act as if it was from 127.0.0.1 by using |
|
| * IPv6 src ::ffff:127.0.0.1). Be cautious. |
|
| * |
|
| * This check chokes if we are in an SIIT cloud. As none of BSDs |
|
| * support IPv4-less kernel compilation, we cannot support SIIT |
|
| * environment at all. So, it makes more sense for us to reject any |
|
| * malicious packets for non-SIIT environment, than try to do a |
|
| * partial support for SIIT environment. |
|
| */ |
|
| if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || |
|
| IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { |
|
| IP6_STATINC(IP6_STAT_BADSCOPE); |
|
| in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
|
| goto bad; |
|
| } |
|
| |
|
| #if 0 |
|
| /* |
|
| * Reject packets with IPv4 compatible addresses (auto tunnel). |
|
| * |
|
| * The code forbids auto tunnel relay case in RFC1933 (the check is |
|
| * stronger than RFC1933). We may want to re-enable it if mech-xx |
|
| * is revised to forbid relaying case. |
|
| */ |
|
| if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || |
|
| IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { |
|
| IP6_STATINC(IP6_STAT_BADSCOPE); |
|
| in6_ifstat_inc(rcvif, ifs6_in_addrerr); |
|
| goto bad; |
|
| } |
|
| #endif |
|
| |
|
| /* |
|
| * Disambiguate address scope zones (if there is ambiguity). |
* Disambiguate address scope zones (if there is ambiguity). |
| * We first make sure that the original source or destination address |
* We first make sure that the original source or destination address |
| * is not in our internal form for scoped addresses. Such addresses |
* is not in our internal form for scoped addresses. Such addresses |
|
|
| goto bad; |
goto bad; |
| } |
} |
| |
|
| |
M_VERIFY_PACKET(m); |
| |
|
| /* |
/* |
| * protection against faulty packet - there should be |
* protection against faulty packet - there should be |
| * more sanity checks in header chain processing. |
* more sanity checks in header chain processing. |
|
|
| & PR_LASTHDR) != 0) { |
& PR_LASTHDR) != 0) { |
| int error; |
int error; |
| |
|
| error = ipsec6_input(m); |
error = ipsec_ip_input(m, false); |
| if (error) |
if (error) |
| goto bad; |
goto bad; |
| } |
} |
|
|
| return; |
return; |
| } |
} |
| |
|
| |
static bool |
| |
ip6_badaddr(struct ip6_hdr *ip6) |
| |
{ |
| |
/* Check against address spoofing/corruption. */ |
| |
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) { |
| |
return true; |
| |
} |
| |
|
| |
/* |
| |
* The following check is not documented in specs. A malicious |
| |
* party may be able to use IPv4 mapped addr to confuse tcp/udp stack |
| |
* and bypass security checks (act as if it was from 127.0.0.1 by using |
| |
* IPv6 src ::ffff:127.0.0.1). Be cautious. |
| |
* |
| |
* This check chokes if we are in an SIIT cloud. As none of BSDs |
| |
* support IPv4-less kernel compilation, we cannot support SIIT |
| |
* environment at all. So, it makes more sense for us to reject any |
| |
* malicious packets for non-SIIT environment, than try to do a |
| |
* partial support for SIIT environment. |
| |
*/ |
| |
if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { |
| |
return true; |
| |
} |
| |
|
| |
/* |
| |
* Reject packets with IPv4-compatible IPv6 addresses (RFC4291). |
| |
*/ |
| |
if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { |
| |
return true; |
| |
} |
| |
|
| |
return false; |
| |
} |
| |
|
| /* |
/* |
| * set/grab in6_ifaddr correspond to IPv6 destination address. |
* set/grab in6_ifaddr correspond to IPv6 destination address. |
| */ |
*/ |
| Line 1054 ip6_unknown_opt(u_int8_t *optp, struct m |
|
| Line 1050 ip6_unknown_opt(u_int8_t *optp, struct m |
|
| return (-1); |
return (-1); |
| } |
} |
| |
|
| /* |
|
| * Create the "control" list for this pcb. |
|
| * |
|
| * The routine will be called from upper layer handlers like tcp6_input(). |
|
| * Thus the routine assumes that the caller (tcp6_input) have already |
|
| * called IP6_EXTHDR_CHECK() and all the extension headers are located in the |
|
| * very first mbuf on the mbuf chain. |
|
| * We may want to add some infinite loop prevention or sanity checks for safety. |
|
| * (This applies only when you are using KAME mbuf chain restriction, i.e. |
|
| * you are using IP6_EXTHDR_CHECK() not m_pulldown()) |
|
| */ |
|
| void |
void |
| ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp, |
ip6_savecontrol(struct in6pcb *in6p, struct mbuf **mp, |
| struct ip6_hdr *ip6, struct mbuf *m) |
struct ip6_hdr *ip6, struct mbuf *m) |
| Line 1077 ip6_savecontrol(struct in6pcb *in6p, str |
|
| Line 1062 ip6_savecontrol(struct in6pcb *in6p, str |
|
| #endif |
#endif |
| |
|
| if (SOOPT_TIMESTAMP(so->so_options)) |
if (SOOPT_TIMESTAMP(so->so_options)) |
| mp = sbsavetimestamp(so->so_options, m, mp); |
mp = sbsavetimestamp(so->so_options, mp); |
| |
|
| /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ |
/* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */ |
| if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) |
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) |
| Line 1298 ip6_notify_pmtu(struct in6pcb *in6p, con |
|
| Line 1283 ip6_notify_pmtu(struct in6pcb *in6p, con |
|
| |
|
| if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) |
if (sbappendaddr(&so->so_rcv, (const struct sockaddr *)dst, NULL, m_mtu) |
| == 0) { |
== 0) { |
| |
soroverflow(so); |
| m_freem(m_mtu); |
m_freem(m_mtu); |
| /* XXX: should count statistics */ |
|
| } else |
} else |
| sorwakeup(so); |
sorwakeup(so); |
| |
|
| Line 1317 ip6_pullexthdr(struct mbuf *m, size_t of |
|
| Line 1302 ip6_pullexthdr(struct mbuf *m, size_t of |
|
| size_t elen; |
size_t elen; |
| struct mbuf *n; |
struct mbuf *n; |
| |
|
| #ifdef DIAGNOSTIC |
|
| switch (nxt) { |
|
| case IPPROTO_DSTOPTS: |
|
| case IPPROTO_ROUTING: |
|
| case IPPROTO_HOPOPTS: |
|
| case IPPROTO_AH: /* is it possible? */ |
|
| break; |
|
| default: |
|
| printf("ip6_pullexthdr: invalid nxt=%d\n", nxt); |
|
| } |
|
| #endif |
|
| |
|
| m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); |
m_copydata(m, off, sizeof(ip6e), (void *)&ip6e); |
| if (nxt == IPPROTO_AH) |
if (nxt == IPPROTO_AH) |
| elen = (ip6e.ip6e_len + 2) << 2; |
elen = (ip6e.ip6e_len + 2) << 2; |
![[BACK]](/icons/back.gif){kind=icon}
Return to ip6_input.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet6