src/sys/netinet6/ip6_input.c - diff

Return to ip6_input.c CVS log

Up to [cvs.NetBSD.org] / src / sys / netinet6

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/sys/netinet6/ip6_input.c between version 1.82.2.3 and 1.94

version 1.82.2.3, 2006/09/09 02:58:55

version 1.94, 2007/02/10 09:43:05

Line 95 __KERNEL_RCSID(0, "$NetBSD$");

#include <netinet/in.h>

#include <netinet/in_systm.h>

#include <netinet/in_pcb.h>

#ifdef INET

#include <netinet/ip.h>

#include <netinet/ip_icmp.h>

Line 103 __KERNEL_RCSID(0, "$NetBSD$");

Line 102 __KERNEL_RCSID(0, "$NetBSD$");

#include <netinet/ip6.h>

#include <netinet6/in6_var.h>

#include <netinet6/ip6_var.h>

#include <netinet6/in6_pcb.h>

#include <netinet/icmp6.h>

#include <netinet6/scope6_var.h>

#include <netinet6/in6_ifattach.h>

Line 112 __KERNEL_RCSID(0, "$NetBSD$");

#include <netinet6/ipsec.h>

#endif

#ifdef FAST_IPSEC

#include <netipsec/ipsec.h>

#include <netipsec/ipsec6.h>

#include <netipsec/key.h>

#endif /* FAST_IPSEC */

#include <netinet6/ip6protosw.h>

#include "faith.h"

Line 189 ip6_init()

Line 195 ip6_init()

}

static void

ip6_init2(dummy)

ip6_init2(void *dummy)

void *dummy;

{

/* nd6_timer_init */

Line 242 ip6_input(m)

Line 247 ip6_input(m)

int nxt, ours = 0;

struct ifnet *deliverifp = NULL;

int srcrt = 0;

#ifdef FAST_IPSEC

struct m_tag *mtag;

struct tdb_ident *tdbi;

struct secpolicy *sp;

int s, error;

#endif

#ifdef IPSEC

Line 328 ip6_input(m)

Line 339 ip6_input(m)

#ifdef IPSEC

if (!ipsec_getnhist(m))

#elif defined(FAST_IPSEC)

if (!ipsec_indone(m))

#else

if (1)

#endif

Line 451 ip6_input(m)

Line 464 ip6_input(m)

* Unicast check

if (ip6_forward_rt.ro_rt != NULL &&

if (!IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst,

(ip6_forward_rt.ro_rt->rt_flags & RTF_UP) != 0 &&

IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst,

&((struct sockaddr_in6 *)(&ip6_forward_rt.ro_dst))->sin6_addr))

rtcache_free((struct route *)&ip6_forward_rt);

else

rtcache_check((struct route *)&ip6_forward_rt);

if (ip6_forward_rt.ro_rt != NULL) {

/* XXX Revalidated route is accounted wrongly. */

ip6stat.ip6s_forward_cachehit++;

else {

} else {

struct sockaddr_in6 *dst6;

if (ip6_forward_rt.ro_rt) {

ip6stat.ip6s_forward_cachemiss++;

/* route is down or destination is different */

ip6stat.ip6s_forward_cachemiss++;

RTFREE(ip6_forward_rt.ro_rt);

ip6_forward_rt.ro_rt = 0;

}

bzero(&ip6_forward_rt.ro_dst, sizeof(struct sockaddr_in6));

dst6 = (struct sockaddr_in6 *)&ip6_forward_rt.ro_dst;

Line 472 ip6_input(m)

Line 483 ip6_input(m)

dst6->sin6_family = AF_INET6;

dst6->sin6_addr = ip6->ip6_dst;

rtalloc((struct route *)&ip6_forward_rt);

rtcache_init((struct route *)&ip6_forward_rt);

}

#define rt6_key(r) ((struct sockaddr_in6 *)((r)->rt_nodes->rn_key))

Line 486 ip6_input(m)

Line 497 ip6_input(m)

* But we think it's even useful in some situations, e.g. when using

* a special daemon which wants to intercept the packet.

if (ip6_forward_rt.ro_rt &&

if (ip6_forward_rt.ro_rt != NULL &&

(ip6_forward_rt.ro_rt->rt_flags &

(RTF_HOST|RTF_GATEWAY)) == RTF_HOST &&

!(ip6_forward_rt.ro_rt->rt_flags & RTF_CLONED) &&

Line 529 ip6_input(m)

Line 540 ip6_input(m)

#if defined(NFAITH) && 0 < NFAITH

if (ip6_keepfaith) {

if (ip6_forward_rt.ro_rt && ip6_forward_rt.ro_rt->rt_ifp &&

if (ip6_forward_rt.ro_rt != NULL &&

ip6_forward_rt.ro_rt->rt_ifp != NULL &&

ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_FAITH) {

/* XXX do we need more sanity checks? */

ours = 1;

Line 547 ip6_input(m)

Line 559 ip6_input(m)

* working right.

struct ifaddr *ifa;

for (ifa = m->m_pkthdr.rcvif->if_addrlist.tqh_first;

TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrlist, ifa_list) {

ifa;

ifa = ifa->ifa_list.tqe_next) {

if (ifa->ifa_addr == NULL)

continue; /* just for safety */

if (ifa->ifa_addr->sa_family != AF_INET6)

Line 757 ip6_input(m)

Line 767 ip6_input(m)

goto bad;

}

#endif

#ifdef FAST_IPSEC

* enforce IPsec policy checking if we are seeing last header.

* note that we do not visit this with protocols with pcb layer

* code - like udp/tcp/raw ip.

if ((inet6sw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0) {

* Check if the packet has already had IPsec processing

* done. If so, then just pass it along. This tag gets

* set during AH, ESP, etc. input handling, before the

* packet is returned to the ip input queue for delivery.

mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL);

s = splsoftnet();

if (mtag != NULL) {

tdbi = (struct tdb_ident *)(mtag + 1);

sp = ipsec_getpolicy(tdbi, IPSEC_DIR_INBOUND);

} else {

sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,

IP_FORWARDING, &error);

}

if (sp != NULL) {

* Check security policy against packet attributes.

error = ipsec_in_reject(sp, m);

KEY_FREESP(&sp);

} else {

/* XXX error stat??? */

error = EINVAL;

DPRINTF(("ip6_input: no SP, packet discarded\n"));/*XXX*/

goto bad;

}

splx(s);

if (error)

goto bad;

}

#endif /* FAST_IPSEC */

nxt = (*inet6sw[ip6_protox[nxt]].pr_input)(&m, &off, nxt);

}

Line 1029 ip6_unknown_opt(optp, m, off)

Line 1079 ip6_unknown_opt(optp, m, off)

* you are using IP6_EXTHDR_CHECK() not m_pulldown())

void

ip6_savecontrol(inp, mp, ip6, m)

ip6_savecontrol(in6p, mp, ip6, m)

struct inpcb *inp;

struct in6pcb *in6p;

struct mbuf **mp;

struct ip6_hdr *ip6;

struct mbuf *m;

Line 1042 ip6_savecontrol(inp, mp, ip6, m)

Line 1092 ip6_savecontrol(inp, mp, ip6, m)

#endif

#ifdef SO_TIMESTAMP

if (inp->inp_socket->so_options & SO_TIMESTAMP) {

if (in6p->in6p_socket->so_options & SO_TIMESTAMP) {

struct timeval tv;

microtime(&tv);

Line 1058 ip6_savecontrol(inp, mp, ip6, m)

Line 1108 ip6_savecontrol(inp, mp, ip6, m)

return;

/* RFC 2292 sec. 5 */

if ((inp->inp_flags & IN6P_PKTINFO) != 0) {

if ((in6p->in6p_flags & IN6P_PKTINFO) != 0) {

struct in6_pktinfo pi6;

bcopy(&ip6->ip6_dst, &pi6.ipi6_addr, sizeof(struct in6_addr));

Line 1071 ip6_savecontrol(inp, mp, ip6, m)

Line 1121 ip6_savecontrol(inp, mp, ip6, m)

if (*mp)

mp = &(*mp)->m_next;

}

if (inp->inp_flags & IN6P_HOPLIMIT) {

if (in6p->in6p_flags & IN6P_HOPLIMIT) {

int hlim = ip6->ip6_hlim & 0xff;

*mp = sbcreatecontrol((caddr_t) &hlim, sizeof(int),

Line 1102 ip6_savecontrol(inp, mp, ip6, m)

Line 1153 ip6_savecontrol(inp, mp, ip6, m)

* returned to normal user.

* See also RFC3542 section 8 (or RFC2292 section 6).

if ((inp->inp_flags & IN6P_HOPOPTS) != 0) {

if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) {

* Check if a hop-by-hop options header is contatined in the

* received packet, and if so, store the options as ancillary

Line 1146 ip6_savecontrol(inp, mp, ip6, m)

Line 1197 ip6_savecontrol(inp, mp, ip6, m)

}

/* IPV6_DSTOPTS and IPV6_RTHDR socket options */

if (inp->inp_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) {

if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) {

struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);

int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr);

Line 1195 ip6_savecontrol(inp, mp, ip6, m)

Line 1246 ip6_savecontrol(inp, mp, ip6, m)

switch (nxt) {

case IPPROTO_DSTOPTS:

if (!inp->inp_flags & IN6P_DSTOPTS)

if (!in6p->in6p_flags & IN6P_DSTOPTS)

break;

*mp = sbcreatecontrol((caddr_t)ip6e, elen,

Line 1206 ip6_savecontrol(inp, mp, ip6, m)

Line 1257 ip6_savecontrol(inp, mp, ip6, m)

break;

case IPPROTO_ROUTING:

if (!inp->inp_flags & IN6P_RTHDR)

if (!in6p->in6p_flags & IN6P_RTHDR)

break;

*mp = sbcreatecontrol((caddr_t)ip6e, elen,

CVSweb <webmaster@jp.NetBSD.org>