FreeBSD kernel IPv4 code
ip_options.c
Go to the documentation of this file.
1/*
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1982, 1986, 1988, 1993
5 * The Regents of the University of California.
6 * Copyright (c) 2005 Andre Oppermann, Internet Business Solutions AG.
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include <sys/cdefs.h>
35__FBSDID("$FreeBSD$");
36
37#include "opt_ipstealth.h"
38
39#include <sys/param.h>
40#include <sys/systm.h>
41#include <sys/mbuf.h>
42#include <sys/domain.h>
43#include <sys/protosw.h>
44#include <sys/socket.h>
45#include <sys/time.h>
46#include <sys/kernel.h>
47#include <sys/syslog.h>
48#include <sys/sysctl.h>
49
50#include <net/if.h>
51#include <net/if_types.h>
52#include <net/if_var.h>
53#include <net/if_dl.h>
54#include <net/route.h>
55#include <net/route/nhop.h>
56#include <net/netisr.h>
57#include <net/vnet.h>
58
59#include <netinet/in.h>
60#include <netinet/in_fib.h>
61#include <netinet/in_systm.h>
62#include <netinet/in_var.h>
63#include <netinet/ip.h>
64#include <netinet/in_pcb.h>
65#include <netinet/ip_var.h>
66#include <netinet/ip_options.h>
67#include <netinet/ip_icmp.h>
68#include <machine/in_cksum.h>
69
70#include <sys/socketvar.h>
71
72VNET_DEFINE_STATIC(int, ip_dosourceroute);
73SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute,
74 CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip_dosourceroute), 0,
75 "Enable forwarding source routed IP packets");
76#define V_ip_dosourceroute VNET(ip_dosourceroute)
77
78VNET_DEFINE_STATIC(int, ip_acceptsourceroute);
79SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute,
80 CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip_acceptsourceroute), 0,
81 "Enable accepting source routed IP packets");
82#define V_ip_acceptsourceroute VNET(ip_acceptsourceroute)
83
84VNET_DEFINE(int, ip_doopts) = 1; /* 0 = ignore, 1 = process, 2 = reject */
85SYSCTL_INT(_net_inet_ip, OID_AUTO, process_options, CTLFLAG_VNET | CTLFLAG_RW,
86 &VNET_NAME(ip_doopts), 0, "Enable IP options processing ([LS]SRR, RR, TS)");
87
88static void save_rte(struct mbuf *m, u_char *, struct in_addr);
89
90/*
91 * Do option processing on a datagram, possibly discarding it if bad options
92 * are encountered, or forwarding it if source-routed.
93 *
94 * The pass argument is used when operating in the IPSTEALTH mode to tell
95 * what options to process: [LS]SRR (pass 0) or the others (pass 1). The
96 * reason for as many as two passes is that when doing IPSTEALTH, non-routing
97 * options should be processed only if the packet is for us.
98 *
99 * Returns 1 if packet has been forwarded/freed, 0 if the packet should be
100 * processed further.
101 */
102int
103ip_dooptions(struct mbuf *m, int pass)
104{
105 struct ip *ip = mtod(m, struct ip *);
106 u_char *cp;
107 struct in_ifaddr *ia;
108 int opt, optlen, cnt, off, code, type = ICMP_PARAMPROB, forward = 0;
109 struct in_addr *sin, dst;
110 uint32_t ntime;
111 struct nhop_object *nh;
112 struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET };
113
114 NET_EPOCH_ASSERT();
115
116 /* Ignore or reject packets with IP options. */
117 if (V_ip_doopts == 0)
118 return 0;
119 else if (V_ip_doopts == 2) {
120 type = ICMP_UNREACH;
121 code = ICMP_UNREACH_FILTER_PROHIB;
122 goto bad;
123 }
124
125 dst = ip->ip_dst;
126 cp = (u_char *)(ip + 1);
127 cnt = (ip->ip_hl << 2) - sizeof (struct ip);
128 for (; cnt > 0; cnt -= optlen, cp += optlen) {
129 opt = cp[IPOPT_OPTVAL];
130 if (opt == IPOPT_EOL)
131 break;
132 if (opt == IPOPT_NOP)
133 optlen = 1;
134 else {
135 if (cnt < IPOPT_OLEN + sizeof(*cp)) {
136 code = &cp[IPOPT_OLEN] - (u_char *)ip;
137 goto bad;
138 }
139 optlen = cp[IPOPT_OLEN];
140 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt) {
141 code = &cp[IPOPT_OLEN] - (u_char *)ip;
142 goto bad;
143 }
144 }
145 switch (opt) {
146 default:
147 break;
148
149 /*
150 * Source routing with record. Find interface with current
151 * destination address. If none on this machine then drop if
152 * strictly routed, or do nothing if loosely routed. Record
153 * interface address and bring up next address component. If
154 * strictly routed make sure next address is on directly
155 * accessible net.
156 */
157 case IPOPT_LSRR:
158 case IPOPT_SSRR:
159#ifdef IPSTEALTH
160 if (V_ipstealth && pass > 0)
161 break;
162#endif
163 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
164 code = &cp[IPOPT_OLEN] - (u_char *)ip;
165 goto bad;
166 }
167 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
168 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
169 goto bad;
170 }
171 ipaddr.sin_addr = ip->ip_dst;
172 if (ifa_ifwithaddr_check((struct sockaddr *)&ipaddr)
173 == 0) {
174 if (opt == IPOPT_SSRR) {
175 type = ICMP_UNREACH;
176 code = ICMP_UNREACH_SRCFAIL;
177 goto bad;
178 }
179 if (!V_ip_dosourceroute)
180 goto nosourcerouting;
181 /*
182 * Loose routing, and not at next destination
183 * yet; nothing to do except forward.
184 */
185 break;
186 }
187 off--; /* 0 origin */
188 if (off > optlen - (int)sizeof(struct in_addr)) {
189 /*
190 * End of source route. Should be for us.
191 */
192 if (!V_ip_acceptsourceroute)
193 goto nosourcerouting;
194 save_rte(m, cp, ip->ip_src);
195 break;
196 }
197#ifdef IPSTEALTH
198 if (V_ipstealth)
199 goto dropit;
200#endif
201 if (!V_ip_dosourceroute) {
202 if (V_ipforwarding) {
203 char srcbuf[INET_ADDRSTRLEN];
204 char dstbuf[INET_ADDRSTRLEN];
205
206 /*
207 * Acting as a router, so generate
208 * ICMP
209 */
210nosourcerouting:
211 log(LOG_WARNING,
212 "attempted source route from %s "
213 "to %s\n",
214 inet_ntoa_r(ip->ip_src, srcbuf),
215 inet_ntoa_r(ip->ip_dst, dstbuf));
216 type = ICMP_UNREACH;
217 code = ICMP_UNREACH_SRCFAIL;
218 goto bad;
219 } else {
220 /*
221 * Not acting as a router, so
222 * silently drop.
223 */
224#ifdef IPSTEALTH
225dropit:
226#endif
227 IPSTAT_INC(ips_cantforward);
228 m_freem(m);
229 return (1);
230 }
231 }
232
233 /*
234 * locate outgoing interface
235 */
236 (void)memcpy(&ipaddr.sin_addr, cp + off,
237 sizeof(ipaddr.sin_addr));
238
239 type = ICMP_UNREACH;
240 code = ICMP_UNREACH_SRCFAIL;
241
242 if (opt == IPOPT_SSRR) {
243#define INA struct in_ifaddr *
244#define SA struct sockaddr *
245 ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr,
246 RT_ALL_FIBS);
247 if (ia == NULL)
248 ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0,
249 RT_ALL_FIBS);
250 if (ia == NULL)
251 goto bad;
252
253 memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
254 sizeof(struct in_addr));
255 } else {
256 /* XXX MRT 0 for routing */
257 nh = fib4_lookup(M_GETFIB(m), ipaddr.sin_addr,
258 0, NHR_NONE, 0);
259 if (nh == NULL)
260 goto bad;
261
262 memcpy(cp + off, &(IA_SIN(nh->nh_ifa)->sin_addr),
263 sizeof(struct in_addr));
264 }
265
266 ip->ip_dst = ipaddr.sin_addr;
267 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
268 /*
269 * Let ip_intr's mcast routing check handle mcast pkts
270 */
271 forward = !IN_MULTICAST(ntohl(ip->ip_dst.s_addr));
272 break;
273
274 case IPOPT_RR:
275#ifdef IPSTEALTH
276 if (V_ipstealth && pass == 0)
277 break;
278#endif
279 if (optlen < IPOPT_OFFSET + sizeof(*cp)) {
280 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
281 goto bad;
282 }
283 if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) {
284 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
285 goto bad;
286 }
287 /*
288 * If no space remains, ignore.
289 */
290 off--; /* 0 origin */
291 if (off > optlen - (int)sizeof(struct in_addr))
292 break;
293 (void)memcpy(&ipaddr.sin_addr, &ip->ip_dst,
294 sizeof(ipaddr.sin_addr));
295 /*
296 * Locate outgoing interface; if we're the
297 * destination, use the incoming interface (should be
298 * same).
299 */
300 if ((ia = (INA)ifa_ifwithaddr((SA)&ipaddr)) != NULL) {
301 memcpy(cp + off, &(IA_SIN(ia)->sin_addr),
302 sizeof(struct in_addr));
303 } else if ((nh = fib4_lookup(M_GETFIB(m),
304 ipaddr.sin_addr, 0, NHR_NONE, 0)) != NULL) {
305 memcpy(cp + off, &(IA_SIN(nh->nh_ifa)->sin_addr),
306 sizeof(struct in_addr));
307 } else {
308 type = ICMP_UNREACH;
309 code = ICMP_UNREACH_HOST;
310 goto bad;
311 }
312 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
313 break;
314
315 case IPOPT_TS:
316#ifdef IPSTEALTH
317 if (V_ipstealth && pass == 0)
318 break;
319#endif
320 code = cp - (u_char *)ip;
321 if (optlen < 4 || optlen > 40) {
322 code = &cp[IPOPT_OLEN] - (u_char *)ip;
323 goto bad;
324 }
325 if ((off = cp[IPOPT_OFFSET]) < 5) {
326 code = &cp[IPOPT_OLEN] - (u_char *)ip;
327 goto bad;
328 }
329 if (off > optlen - (int)sizeof(int32_t)) {
330 cp[IPOPT_OFFSET + 1] += (1 << 4);
331 if ((cp[IPOPT_OFFSET + 1] & 0xf0) == 0) {
332 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
333 goto bad;
334 }
335 break;
336 }
337 off--; /* 0 origin */
338 sin = (struct in_addr *)(cp + off);
339 switch (cp[IPOPT_OFFSET + 1] & 0x0f) {
340 case IPOPT_TS_TSONLY:
341 break;
342
343 case IPOPT_TS_TSANDADDR:
344 if (off + sizeof(uint32_t) +
345 sizeof(struct in_addr) > optlen) {
346 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
347 goto bad;
348 }
349 ipaddr.sin_addr = dst;
350 ia = (INA)ifaof_ifpforaddr((SA)&ipaddr,
351 m->m_pkthdr.rcvif);
352 if (ia == NULL)
353 continue;
354 (void)memcpy(sin, &IA_SIN(ia)->sin_addr,
355 sizeof(struct in_addr));
356 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
357 off += sizeof(struct in_addr);
358 break;
359
360 case IPOPT_TS_PRESPEC:
361 if (off + sizeof(uint32_t) +
362 sizeof(struct in_addr) > optlen) {
363 code = &cp[IPOPT_OFFSET] - (u_char *)ip;
364 goto bad;
365 }
366 (void)memcpy(&ipaddr.sin_addr, sin,
367 sizeof(struct in_addr));
368 if (ifa_ifwithaddr_check((SA)&ipaddr) == 0)
369 continue;
370 cp[IPOPT_OFFSET] += sizeof(struct in_addr);
371 off += sizeof(struct in_addr);
372 break;
373
374 default:
375 code = &cp[IPOPT_OFFSET + 1] - (u_char *)ip;
376 goto bad;
377 }
378 ntime = iptime();
379 (void)memcpy(cp + off, &ntime, sizeof(uint32_t));
380 cp[IPOPT_OFFSET] += sizeof(uint32_t);
381 }
382 }
383 if (forward && V_ipforwarding) {
384 ip_forward(m, 1);
385 return (1);
386 }
387 return (0);
388bad:
389 icmp_error(m, type, code, 0, 0);
390 IPSTAT_INC(ips_badoptions);
391 return (1);
392}
393
394/*
395 * Save incoming source route for use in replies, to be picked up later by
396 * ip_srcroute if the receiver is interested.
397 */
398static void
399save_rte(struct mbuf *m, u_char *option, struct in_addr dst)
400{
401 unsigned olen;
402 struct ipopt_tag *opts;
403
404 opts = (struct ipopt_tag *)m_tag_get(PACKET_TAG_IPOPTIONS,
405 sizeof(struct ipopt_tag), M_NOWAIT);
406 if (opts == NULL)
407 return;
408
409 olen = option[IPOPT_OLEN];
410 if (olen > sizeof(opts->ip_srcrt) - (1 + sizeof(dst))) {
411 m_tag_free((struct m_tag *)opts);
412 return;
413 }
414 bcopy(option, opts->ip_srcrt.srcopt, olen);
415 opts->ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr);
416 opts->ip_srcrt.dst = dst;
417 m_tag_prepend(m, (struct m_tag *)opts);
418}
419
420/*
421 * Retrieve incoming source route for use in replies, in the same form used
422 * by setsockopt. The first hop is placed before the options, will be
423 * removed later.
424 */
425struct mbuf *
426ip_srcroute(struct mbuf *m0)
427{
428 struct in_addr *p, *q;
429 struct mbuf *m;
430 struct ipopt_tag *opts;
431
432 opts = (struct ipopt_tag *)m_tag_find(m0, PACKET_TAG_IPOPTIONS, NULL);
433 if (opts == NULL)
434 return (NULL);
435
436 if (opts->ip_nhops == 0)
437 return (NULL);
438 m = m_get(M_NOWAIT, MT_DATA);
439 if (m == NULL)
440 return (NULL);
441
442#define OPTSIZ (sizeof(opts->ip_srcrt.nop) + sizeof(opts->ip_srcrt.srcopt))
443
444 /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */
445 m->m_len = opts->ip_nhops * sizeof(struct in_addr) +
446 sizeof(struct in_addr) + OPTSIZ;
447
448 /*
449 * First, save first hop for return route.
450 */
451 p = &(opts->ip_srcrt.route[opts->ip_nhops - 1]);
452 *(mtod(m, struct in_addr *)) = *p--;
453
454 /*
455 * Copy option fields and padding (nop) to mbuf.
456 */
457 opts->ip_srcrt.nop = IPOPT_NOP;
458 opts->ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF;
459 (void)memcpy(mtod(m, caddr_t) + sizeof(struct in_addr),
460 &(opts->ip_srcrt.nop), OPTSIZ);
461 q = (struct in_addr *)(mtod(m, caddr_t) +
462 sizeof(struct in_addr) + OPTSIZ);
463#undef OPTSIZ
464 /*
465 * Record return path as an IP source route, reversing the path
466 * (pointers are now aligned).
467 */
468 while (p >= opts->ip_srcrt.route) {
469 *q++ = *p--;
470 }
471 /*
472 * Last hop goes to final destination.
473 */
474 *q = opts->ip_srcrt.dst;
475 m_tag_delete(m0, (struct m_tag *)opts);
476 return (m);
477}
478
479/*
480 * Strip out IP options, at higher level protocol in the kernel.
481 */
482void
483ip_stripoptions(struct mbuf *m)
484{
485 struct ip *ip = mtod(m, struct ip *);
486 int olen;
487
488 olen = (ip->ip_hl << 2) - sizeof(struct ip);
489 m->m_len -= olen;
490 if (m->m_flags & M_PKTHDR)
491 m->m_pkthdr.len -= olen;
492 ip->ip_len = htons(ntohs(ip->ip_len) - olen);
493 ip->ip_hl = sizeof(struct ip) >> 2;
494
495 bcopy((char *)ip + sizeof(struct ip) + olen, (ip + 1),
496 (size_t )(m->m_len - sizeof(struct ip)));
497}
498
499/*
500 * Insert IP options into preformed packet. Adjust IP destination as
501 * required for IP source routing, as indicated by a non-zero in_addr at the
502 * start of the options.
503 *
504 * XXX This routine assumes that the packet has no options in place.
505 */
506struct mbuf *
507ip_insertoptions(struct mbuf *m, struct mbuf *opt, int *phlen)
508{
509 struct ipoption *p = mtod(opt, struct ipoption *);
510 struct mbuf *n;
511 struct ip *ip = mtod(m, struct ip *);
512 unsigned optlen;
513
514 optlen = opt->m_len - sizeof(p->ipopt_dst);
515 if (optlen + ntohs(ip->ip_len) > IP_MAXPACKET) {
516 *phlen = 0;
517 return (m); /* XXX should fail */
518 }
519 if (p->ipopt_dst.s_addr)
520 ip->ip_dst = p->ipopt_dst;
521 if (!M_WRITABLE(m) || M_LEADINGSPACE(m) < optlen) {
522 n = m_gethdr(M_NOWAIT, MT_DATA);
523 if (n == NULL) {
524 *phlen = 0;
525 return (m);
526 }
527 m_move_pkthdr(n, m);
528 n->m_pkthdr.rcvif = NULL;
529 n->m_pkthdr.len += optlen;
530 m->m_len -= sizeof(struct ip);
531 m->m_data += sizeof(struct ip);
532 n->m_next = m;
533 m = n;
534 m->m_len = optlen + sizeof(struct ip);
535 m->m_data += max_linkhdr;
536 bcopy(ip, mtod(m, void *), sizeof(struct ip));
537 } else {
538 m->m_data -= optlen;
539 m->m_len += optlen;
540 m->m_pkthdr.len += optlen;
541 bcopy(ip, mtod(m, void *), sizeof(struct ip));
542 }
543 ip = mtod(m, struct ip *);
544 bcopy(p->ipopt_list, ip + 1, optlen);
545 *phlen = sizeof(struct ip) + optlen;
546 ip->ip_v = IPVERSION;
547 ip->ip_hl = *phlen >> 2;
548 ip->ip_len = htons(ntohs(ip->ip_len) + optlen);
549 return (m);
550}
551
552/*
553 * Copy options from ip to jp, omitting those not copied during
554 * fragmentation.
555 */
556int
557ip_optcopy(struct ip *ip, struct ip *jp)
558{
559 u_char *cp, *dp;
560 int opt, optlen, cnt;
561
562 cp = (u_char *)(ip + 1);
563 dp = (u_char *)(jp + 1);
564 cnt = (ip->ip_hl << 2) - sizeof (struct ip);
565 for (; cnt > 0; cnt -= optlen, cp += optlen) {
566 opt = cp[0];
567 if (opt == IPOPT_EOL)
568 break;
569 if (opt == IPOPT_NOP) {
570 /* Preserve for IP mcast tunnel's LSRR alignment. */
571 *dp++ = IPOPT_NOP;
572 optlen = 1;
573 continue;
574 }
575
576 KASSERT(cnt >= IPOPT_OLEN + sizeof(*cp),
577 ("ip_optcopy: malformed ipv4 option"));
578 optlen = cp[IPOPT_OLEN];
579 KASSERT(optlen >= IPOPT_OLEN + sizeof(*cp) && optlen <= cnt,
580 ("ip_optcopy: malformed ipv4 option"));
581
582 /* Bogus lengths should have been caught by ip_dooptions. */
583 if (optlen > cnt)
584 optlen = cnt;
585 if (IPOPT_COPIED(opt)) {
586 bcopy(cp, dp, optlen);
587 dp += optlen;
588 }
589 }
590 for (optlen = dp - (u_char *)(jp+1); optlen & 0x3; optlen++)
591 *dp++ = IPOPT_EOL;
592 return (optlen);
593}
594
595/*
596 * Set up IP options in pcb for insertion in output packets. Store in mbuf
597 * with pointer in pcbopt, adding pseudo-option with destination address if
598 * source routed.
599 */
600int
601ip_pcbopts(struct inpcb *inp, int optname, struct mbuf *m)
602{
603 int cnt, optlen;
604 u_char *cp;
605 struct mbuf **pcbopt;
606 u_char opt;
607
608 INP_WLOCK_ASSERT(inp);
609
610 pcbopt = &inp->inp_options;
611
612 /* turn off any old options */
613 if (*pcbopt)
614 (void)m_free(*pcbopt);
615 *pcbopt = NULL;
616 if (m == NULL || m->m_len == 0) {
617 /*
618 * Only turning off any previous options.
619 */
620 if (m != NULL)
621 (void)m_free(m);
622 return (0);
623 }
624
625 if (m->m_len % sizeof(int32_t))
626 goto bad;
627 /*
628 * IP first-hop destination address will be stored before actual
629 * options; move other options back and clear it when none present.
630 */
631 if (m->m_data + m->m_len + sizeof(struct in_addr) >= &m->m_dat[MLEN])
632 goto bad;
633 cnt = m->m_len;
634 m->m_len += sizeof(struct in_addr);
635 cp = mtod(m, u_char *) + sizeof(struct in_addr);
636 bcopy(mtod(m, void *), cp, (unsigned)cnt);
637 bzero(mtod(m, void *), sizeof(struct in_addr));
638
639 for (; cnt > 0; cnt -= optlen, cp += optlen) {
640 opt = cp[IPOPT_OPTVAL];
641 if (opt == IPOPT_EOL)
642 break;
643 if (opt == IPOPT_NOP)
644 optlen = 1;
645 else {
646 if (cnt < IPOPT_OLEN + sizeof(*cp))
647 goto bad;
648 optlen = cp[IPOPT_OLEN];
649 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt)
650 goto bad;
651 }
652 switch (opt) {
653 default:
654 break;
655
656 case IPOPT_LSRR:
657 case IPOPT_SSRR:
658 /*
659 * User process specifies route as:
660 *
661 * ->A->B->C->D
662 *
663 * D must be our final destination (but we can't
664 * check that since we may not have connected yet).
665 * A is first hop destination, which doesn't appear
666 * in actual IP option, but is stored before the
667 * options.
668 */
669 /* XXX-BZ PRIV_NETINET_SETHDROPTS? */
670 if (optlen < IPOPT_MINOFF - 1 + sizeof(struct in_addr))
671 goto bad;
672 m->m_len -= sizeof(struct in_addr);
673 cnt -= sizeof(struct in_addr);
674 optlen -= sizeof(struct in_addr);
675 cp[IPOPT_OLEN] = optlen;
676 /*
677 * Move first hop before start of options.
678 */
679 bcopy((caddr_t)&cp[IPOPT_OFFSET+1], mtod(m, caddr_t),
680 sizeof(struct in_addr));
681 /*
682 * Then copy rest of options back
683 * to close up the deleted entry.
684 */
685 bcopy((&cp[IPOPT_OFFSET+1] + sizeof(struct in_addr)),
686 &cp[IPOPT_OFFSET+1],
687 (unsigned)cnt - (IPOPT_MINOFF - 1));
688 break;
689 }
690 }
691 if (m->m_len > MAX_IPOPTLEN + sizeof(struct in_addr))
692 goto bad;
693 *pcbopt = m;
694 return (0);
695
696bad:
697 (void)m_free(m);
698 return (EINVAL);
699}
700
701/*
702 * Check for the presence of the IP Router Alert option [RFC2113]
703 * in the header of an IPv4 datagram.
704 *
705 * This call is not intended for use from the forwarding path; it is here
706 * so that protocol domains may check for the presence of the option.
707 * Given how FreeBSD's IPv4 stack is currently structured, the Router Alert
708 * option does not have much relevance to the implementation, though this
709 * may change in future.
710 * Router alert options SHOULD be passed if running in IPSTEALTH mode and
711 * we are not the endpoint.
712 * Length checks on individual options should already have been performed
713 * by ip_dooptions() therefore they are folded under INVARIANTS here.
714 *
715 * Return zero if not present or options are invalid, non-zero if present.
716 */
717int
718ip_checkrouteralert(struct mbuf *m)
719{
720 struct ip *ip = mtod(m, struct ip *);
721 u_char *cp;
722 int opt, optlen, cnt, found_ra;
723
724 found_ra = 0;
725 cp = (u_char *)(ip + 1);
726 cnt = (ip->ip_hl << 2) - sizeof (struct ip);
727 for (; cnt > 0; cnt -= optlen, cp += optlen) {
728 opt = cp[IPOPT_OPTVAL];
729 if (opt == IPOPT_EOL)
730 break;
731 if (opt == IPOPT_NOP)
732 optlen = 1;
733 else {
734#ifdef INVARIANTS
735 if (cnt < IPOPT_OLEN + sizeof(*cp))
736 break;
737#endif
738 optlen = cp[IPOPT_OLEN];
739#ifdef INVARIANTS
740 if (optlen < IPOPT_OLEN + sizeof(*cp) || optlen > cnt)
741 break;
742#endif
743 }
744 switch (opt) {
745 case IPOPT_RA:
746#ifdef INVARIANTS
747 if (optlen != IPOPT_OFFSET + sizeof(uint16_t) ||
748 (*((uint16_t *)&cp[IPOPT_OFFSET]) != 0))
749 break;
750 else
751#endif
752 found_ra = 1;
753 break;
754 default:
755 break;
756 }
757 }
758
759 return (found_ra);
760}
uint32_t
__uint32_t uint32_t
Definition: in.h:62
uint16_t
__uint16_t uint16_t
Definition: in.h:57
inet_ntoa_r
char * inet_ntoa_r(struct in_addr ina, char *buf)
in_fib.h
fib4_lookup
struct nhop_object * fib4_lookup(uint32_t fibnum, struct in_addr dst, uint32_t scopeid, uint32_t flags, uint32_t flowid)
in_pcb.h
INP_WLOCK_ASSERT
#define INP_WLOCK_ASSERT(inp)
Definition: in_pcb.h:529
in_systm.h
iptime
uint32_t iptime(void)
in_var.h
IA_SIN
#define IA_SIN(ia)
Definition: in_var.h:96
IP_MAXPACKET
#define IP_MAXPACKET
Definition: ip.h:74
IPOPT_COPIED
#define IPOPT_COPIED(o)
Definition: ip.h:140
IPOPT_OLEN
#define IPOPT_OLEN
Definition: ip.h:166
IPOPT_MINOFF
#define IPOPT_MINOFF
Definition: ip.h:168
IPOPT_NOP
#define IPOPT_NOP
Definition: ip.h:150
IPOPT_OFFSET
#define IPOPT_OFFSET
Definition: ip.h:167
IPOPT_TS_TSANDADDR
#define IPOPT_TS_TSANDADDR
Definition: ip.h:196
IPOPT_RR
#define IPOPT_RR
Definition: ip.h:152
IPOPT_OPTVAL
#define IPOPT_OPTVAL
Definition: ip.h:165
IPVERSION
#define IPVERSION
Definition: ip.h:46
IPOPT_EOL
#define IPOPT_EOL
Definition: ip.h:149
IPOPT_RA
#define IPOPT_RA
Definition: ip.h:160
IPOPT_LSRR
#define IPOPT_LSRR
Definition: ip.h:155
IPOPT_SSRR
#define IPOPT_SSRR
Definition: ip.h:159
IPOPT_TS
#define IPOPT_TS
Definition: ip.h:153
IPOPT_TS_TSONLY
#define IPOPT_TS_TSONLY
Definition: ip.h:195
IPOPT_TS_PRESPEC
#define IPOPT_TS_PRESPEC
Definition: ip.h:197
ip_icmp.h
ICMP_UNREACH_HOST
#define ICMP_UNREACH_HOST
Definition: ip_icmp.h:156
ICMP_UNREACH_SRCFAIL
#define ICMP_UNREACH_SRCFAIL
Definition: ip_icmp.h:160
icmp_error
void icmp_error(struct mbuf *, int, int, uint32_t, int)
ICMP_PARAMPROB
#define ICMP_PARAMPROB
Definition: ip_icmp.h:186
ICMP_UNREACH_FILTER_PROHIB
#define ICMP_UNREACH_FILTER_PROHIB
Definition: ip_icmp.h:168
ICMP_UNREACH
#define ICMP_UNREACH
Definition: ip_icmp.h:154
ip_forward
void ip_forward(struct mbuf *m, int srcrt)
Definition: ip_input.c:959
VNET_DEFINE_STATIC
VNET_DEFINE_STATIC(int, ip_dosourceroute)
ip_insertoptions
struct mbuf * ip_insertoptions(struct mbuf *m, struct mbuf *opt, int *phlen)
Definition: ip_options.c:507
SA
#define SA
VNET_DEFINE
VNET_DEFINE(int, ip_doopts)
ip_stripoptions
void ip_stripoptions(struct mbuf *m)
Definition: ip_options.c:483
OPTSIZ
#define OPTSIZ
ip_pcbopts
int ip_pcbopts(struct inpcb *inp, int optname, struct mbuf *m)
Definition: ip_options.c:601
ip_srcroute
struct mbuf * ip_srcroute(struct mbuf *m0)
Definition: ip_options.c:426
ip_optcopy
int ip_optcopy(struct ip *ip, struct ip *jp)
Definition: ip_options.c:557
__FBSDID
__FBSDID("$FreeBSD$")
save_rte
static void save_rte(struct mbuf *m, u_char *, struct in_addr)
Definition: ip_options.c:399
SYSCTL_INT
SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_VNET|CTLFLAG_RW, &VNET_NAME(ip_dosourceroute), 0, "Enable forwarding source routed IP packets")
V_ip_dosourceroute
#define V_ip_dosourceroute
Definition: ip_options.c:76
INA
#define INA
ip_checkrouteralert
int ip_checkrouteralert(struct mbuf *m)
Definition: ip_options.c:718
ip_dooptions
int ip_dooptions(struct mbuf *m, int pass)
Definition: ip_options.c:103
V_ip_acceptsourceroute
#define V_ip_acceptsourceroute
Definition: ip_options.c:82
ip_options.h
V_ip_doopts
#define V_ip_doopts
Definition: ip_options.h:53
ip_var.h
V_ipforwarding
#define V_ipforwarding
Definition: ip_var.h:203
IPSTAT_INC
#define IPSTAT_INC(name)
Definition: ip_var.h:151
MAX_IPOPTLEN
#define MAX_IPOPTLEN
Definition: ip_var.h:81
in_addr
Definition: in.h:83
in_addr::s_addr
in_addr_t s_addr
Definition: in.h:84
in_ifaddr
Definition: in_var.h:75
inpcb
Definition: in_pcb.h:217
inpcb::inp_options
struct mbuf * inp_options
Definition: in_pcb.h:279
ip
Definition: ip.h:51
ip::ip_dst
struct in_addr ip_src ip_dst
Definition: ip.h:71
ip::ip_hl
u_char ip_hl
Definition: ip.h:53
ip::ip_len
u_short ip_len
Definition: ip.h:61
ip::ip_v
u_char ip_v
Definition: ip.h:54
ipopt_tag
Definition: ip_options.h:46
ipopt_tag::ip_srcrt
struct ipoptrt ip_srcrt
Definition: ip_options.h:49
ipopt_tag::ip_nhops
int ip_nhops
Definition: ip_options.h:48
ipoption::ipopt_dst
struct in_addr ipopt_dst
Definition: ip_var.h:84
ipoption::ipopt_list
char ipopt_list[MAX_IPOPTLEN]
Definition: ip_var.h:85
ipoptrt::srcopt
char srcopt[IPOPT_OFFSET+1]
Definition: ip_options.h:42
ipoptrt::nop
char nop
Definition: ip_options.h:41
ipoptrt::route
struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)]
Definition: ip_options.h:43
ipoptrt::dst
struct in_addr dst
Definition: ip_options.h:40
sockaddr_in
Definition: in.h:97
sockaddr_in::sin_addr
struct in_addr sin_addr
Definition: in.h:101