Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys pull latest kame pcbnotify code. synchronizes ICMPv6 pa...
details: https://anonhg.NetBSD.org/src/rev/e91a0a6267e8
branches: trunk
changeset: 503669:e91a0a6267e8
user: itojun <itojun%NetBSD.org@localhost>
date: Sun Feb 11 06:49:49 2001 +0000
description:
pull latest kame pcbnotify code. synchronizes ICMPv6 path mtu discovery
behavior with other protocols (i.e. validation, use of hiwat/lowat).
diffstat:
sys/netinet/tcp_subr.c | 76 ++++++------------
sys/netinet6/ah_input.c | 37 +++-----
sys/netinet6/esp_input.c | 58 ++++++++------
sys/netinet6/icmp6.c | 182 +++++++++++++++++++++++++++++++-------------
sys/netinet6/in6.c | 7 +-
sys/netinet6/in6.h | 4 +-
sys/netinet6/in6_pcb.c | 123 ++++++++++++++++++++---------
sys/netinet6/in6_pcb.h | 6 +-
sys/netinet6/in6_proto.c | 4 +-
sys/netinet6/ip6protosw.h | 12 ++-
sys/netinet6/raw_ip6.c | 88 ++++++++++++++++-----
sys/netinet6/udp6_usrreq.c | 87 ++++++++++-----------
12 files changed, 412 insertions(+), 272 deletions(-)
diffs (truncated from 1215 to 300 lines):
diff -r f735dc8ee840 -r e91a0a6267e8 sys/netinet/tcp_subr.c
--- a/sys/netinet/tcp_subr.c Sun Feb 11 06:45:59 2001 +0000
+++ b/sys/netinet/tcp_subr.c Sun Feb 11 06:49:49 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_subr.c,v 1.106 2001/01/24 09:04:16 itojun Exp $ */
+/* $NetBSD: tcp_subr.c,v 1.107 2001/02/11 06:49:49 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1110,16 +1110,14 @@
struct sockaddr *sa;
void *d;
{
- struct tcphdr *thp;
struct tcphdr th;
void (*notify) __P((struct in6pcb *, int)) = tcp6_notify;
int nmatch;
- struct sockaddr_in6 sa6;
struct ip6_hdr *ip6;
+ const struct sockaddr_in6 *sa6_src = NULL;
+ struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *)sa;
struct mbuf *m;
int off;
- struct in6_addr finaldst;
- struct in6_addr s;
if (sa->sa_family != AF_INET6 ||
sa->sa_len != sizeof(struct sockaddr_in6))
@@ -1144,26 +1142,13 @@
m = ip6cp->ip6c_m;
ip6 = ip6cp->ip6c_ip6;
off = ip6cp->ip6c_off;
-
- /* translate addresses into internal form */
- bcopy(ip6cp->ip6c_finaldst, &finaldst, sizeof(finaldst));
- if (IN6_IS_ADDR_LINKLOCAL(&finaldst)) {
- finaldst.s6_addr16[1] =
- htons(m->m_pkthdr.rcvif->if_index);
- }
- bcopy(&ip6->ip6_src, &s, sizeof(s));
- if (IN6_IS_ADDR_LINKLOCAL(&s))
- s.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index);
+ sa6_src = ip6cp->ip6c_src;
} else {
m = NULL;
ip6 = NULL;
+ sa6_src = &sa6_any;
}
- /* translate addresses into internal form */
- sa6 = *(struct sockaddr_in6 *)sa;
- if (IN6_IS_ADDR_LINKLOCAL(&sa6.sin6_addr) && m && m->m_pkthdr.rcvif)
- sa6.sin6_addr.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index);
-
if (ip6) {
/*
* XXX: We assume that when ip6 is non NULL,
@@ -1174,15 +1159,8 @@
if (m->m_pkthdr.len < off + sizeof(th))
return;
- if (m->m_len < off + sizeof(th)) {
- /*
- * this should be rare case,
- * so we compromise on this copy...
- */
- m_copydata(m, off, sizeof(th), (caddr_t)&th);
- thp = &th;
- } else
- thp = (struct tcphdr *)(mtod(m, caddr_t) + off);
+ bzero(&th, sizeof(th));
+ m_copydata(m, off, sizeof(th), (caddr_t)&th);
if (cmd == PRC_MSGSIZE) {
int valid = 0;
@@ -1192,38 +1170,38 @@
* corresponding to the address in the ICMPv6 message
* payload.
*/
- if (in6_pcblookup_connect(&tcb6, &finaldst,
- thp->th_dport, &s, thp->th_sport, 0))
+ if (in6_pcblookup_connect(&tcb6, &sa6->sin6_addr,
+ th.th_dport, (struct in6_addr *)&sa6_src->sin6_addr,
+ th.th_sport, 0))
valid++;
/*
- * Now that we've validated that we are actually
- * communicating with the host indicated in the ICMPv6
- * message, recalculate the new MTU, and create the
- * corresponding routing entry.
+ * Depending on the value of "valid" and routing table
+ * size (mtudisc_{hi,lo}wat), we will:
+ * - recalcurate the new MTU and create the
+ * corresponding routing entry, or
+ * - ignore the MTU change notification.
*/
icmp6_mtudisc_update((struct ip6ctlparam *)d, valid);
+ /*
+ * no need to call in6_pcbnotify, it should have been
+ * called via callback if necessary
+ */
return;
}
- nmatch = in6_pcbnotify(&tcb6, (struct sockaddr *)&sa6,
- thp->th_dport, &s, thp->th_sport, cmd, notify);
+ nmatch = in6_pcbnotify(&tcb6, sa, th.th_dport,
+ (struct sockaddr *)sa6_src, th.th_sport, cmd, NULL, notify);
if (nmatch == 0 && syn_cache_count &&
(inet6ctlerrmap[cmd] == EHOSTUNREACH ||
inet6ctlerrmap[cmd] == ENETUNREACH ||
- inet6ctlerrmap[cmd] == EHOSTDOWN)) {
- struct sockaddr_in6 sin6;
- bzero(&sin6, sizeof(sin6));
- sin6.sin6_len = sizeof(sin6);
- sin6.sin6_family = AF_INET6;
- sin6.sin6_port = thp->th_sport;
- sin6.sin6_addr = s;
- syn_cache_unreach((struct sockaddr *)&sin6, sa, thp);
- }
+ inet6ctlerrmap[cmd] == EHOSTDOWN))
+ syn_cache_unreach((struct sockaddr *)sa6_src,
+ sa, &th);
} else {
- (void) in6_pcbnotify(&tcb6, (struct sockaddr *)&sa6, 0,
- &zeroin6_addr, 0, cmd, notify);
+ (void) in6_pcbnotify(&tcb6, sa, 0, (struct sockaddr *)sa6_src,
+ 0, cmd, NULL, notify);
}
}
#endif
@@ -1409,7 +1387,7 @@
sin6.sin6_len = sizeof(struct sockaddr_in6);
sin6.sin6_addr = *faddr;
(void) in6_pcbnotify(&tcb6, (struct sockaddr *)&sin6, 0,
- &zeroin6_addr, 0, PRC_MSGSIZE, tcp6_mtudisc);
+ (struct sockaddr *)&sa6_any, 0, PRC_MSGSIZE, NULL, tcp6_mtudisc);
}
void
diff -r f735dc8ee840 -r e91a0a6267e8 sys/netinet6/ah_input.c
--- a/sys/netinet6/ah_input.c Sun Feb 11 06:45:59 2001 +0000
+++ b/sys/netinet6/ah_input.c Sun Feb 11 06:49:49 2001 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: ah_input.c,v 1.24 2001/01/24 09:04:16 itojun Exp $ */
-/* $KAME: ah_input.c,v 1.48 2001/01/23 08:59:37 itojun Exp $ */
+/* $NetBSD: ah_input.c,v 1.25 2001/02/11 06:49:51 itojun Exp $ */
+/* $KAME: ah_input.c,v 1.51 2001/02/08 14:24:05 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1046,9 +1046,9 @@
struct secasvar *sav;
struct ip6_hdr *ip6;
struct mbuf *m;
+ struct ip6ctlparam *ip6cp = NULL;
int off;
- struct in6_addr finaldst;
- struct in6_addr s;
+ struct sockaddr_in6 sa6_src, sa6_dst;
if (sa->sa_family != AF_INET6 ||
sa->sa_len != sizeof(struct sockaddr_in6))
@@ -1058,20 +1058,10 @@
/* if the parameter is from icmp6, decode it. */
if (d != NULL) {
- struct ip6ctlparam *ip6cp = (struct ip6ctlparam *)d;
+ ip6cp = (struct ip6ctlparam *)d;
m = ip6cp->ip6c_m;
ip6 = ip6cp->ip6c_ip6;
off = ip6cp->ip6c_off;
-
- /* translate addresses into internal form */
- bcopy(ip6cp->ip6c_finaldst, &finaldst, sizeof(finaldst));
- if (IN6_IS_ADDR_LINKLOCAL(&finaldst)) {
- finaldst.s6_addr16[1] =
- htons(m->m_pkthdr.rcvif->if_index);
- }
- bcopy(&ip6->ip6_src, &s, sizeof(s));
- if (IN6_IS_ADDR_LINKLOCAL(&s))
- s.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index);
} else {
m = NULL;
ip6 = NULL;
@@ -1104,8 +1094,10 @@
* Check to see if we have a valid SA corresponding to
* the address in the ICMP message payload.
*/
- sav = key_allocsa(AF_INET6, (caddr_t)&s,
- (caddr_t)&finaldst, IPPROTO_AH, ahp->ah_spi);
+ sav = key_allocsa(AF_INET6,
+ (caddr_t)&sa6_src.sin6_addr,
+ (caddr_t)&sa6_dst.sin6_addr,
+ IPPROTO_AH, ahp->ah_spi);
if (sav) {
if (sav->state == SADB_SASTATE_MATURE ||
sav->state == SADB_SASTATE_DYING)
@@ -1116,14 +1108,13 @@
/* XXX Further validation? */
/*
- * Now that we've validated that we are actually
- * communicating with the host indicated in the ICMPv6
- * message, recalculate the new MTU, and create the
- * corresponding routing entry.
+ * Depending on the value of "valid" and routing table
+ * size (mtudisc_{hi,lo}wat), we will:
+ * - recalcurate the new MTU and create the
+ * corresponding routing entry, or
+ * - ignore the MTU change notification.
*/
icmp6_mtudisc_update((struct ip6ctlparam *)d, valid);
-
- return;
}
/* we normally notify single pcb here */
diff -r f735dc8ee840 -r e91a0a6267e8 sys/netinet6/esp_input.c
--- a/sys/netinet6/esp_input.c Sun Feb 11 06:45:59 2001 +0000
+++ b/sys/netinet6/esp_input.c Sun Feb 11 06:49:49 2001 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: esp_input.c,v 1.14 2001/01/24 09:04:16 itojun Exp $ */
-/* $KAME: esp_input.c,v 1.50 2001/01/23 08:59:37 itojun Exp $ */
+/* $NetBSD: esp_input.c,v 1.15 2001/02/11 06:49:51 itojun Exp $ */
+/* $KAME: esp_input.c,v 1.52 2001/02/07 04:58:47 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -946,12 +946,12 @@
{
const struct newesp *espp;
struct newesp esp;
+ struct ip6ctlparam *ip6cp = NULL, ip6cp1;
struct secasvar *sav;
struct ip6_hdr *ip6;
struct mbuf *m;
int off;
- struct in6_addr finaldst;
- struct in6_addr s;
+ struct sockaddr_in6 sa6_src, sa6_dst;
if (sa->sa_family != AF_INET6 ||
sa->sa_len != sizeof(struct sockaddr_in6))
@@ -961,20 +961,10 @@
/* if the parameter is from icmp6, decode it. */
if (d != NULL) {
- struct ip6ctlparam *ip6cp = (struct ip6ctlparam *)d;
+ ip6cp = (struct ip6ctlparam *)d;
m = ip6cp->ip6c_m;
ip6 = ip6cp->ip6c_ip6;
off = ip6cp->ip6c_off;
-
- /* translate addresses into internal form */
- bcopy(ip6cp->ip6c_finaldst, &finaldst, sizeof(finaldst));
- if (IN6_IS_ADDR_LINKLOCAL(&finaldst)) {
- finaldst.s6_addr16[1] =
- htons(m->m_pkthdr.rcvif->if_index);
- }
- bcopy(&ip6->ip6_src, &s, sizeof(s));
- if (IN6_IS_ADDR_LINKLOCAL(&s))
- s.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index);
} else {
m = NULL;
ip6 = NULL;
@@ -982,6 +972,24 @@
if (ip6) {
/*
+ * Notify the error to all possible sockets via pfctlinput2.
+ * Since the upper layer information (such as protocol type,
+ * source and destination ports) is embedded in the encrypted
+ * data and might have been cut, we can't directly call
+ * an upper layer ctlinput function. However, the pcbnotify
+ * function will consider source and destination addresses
+ * as well as the flow info value, and may be able to find
+ * some PCB that should be notified.
+ * Although pfctlinput2 will call esp6_ctlinput(), there is
+ * no possibility of an infinite loop of function calls,
+ * because we don't pass the inner IPv6 header.
+ */
+ bzero(&ip6cp1, sizeof(ip6cp1));
+ ip6cp1.ip6c_src = ip6cp->ip6c_src;
+ pfctlinput2(cmd, sa, (void *)&ip6cp1);
+
+ /*
+ * Then go to special cases that need ESP header information.
* XXX: We assume that when ip6 is non NULL,
* M and OFF are valid.
*/
@@ -1002,12 +1010,15 @@
if (cmd == PRC_MSGSIZE) {
int valid = 0;
+
/*
* Check to see if we have a valid SA corresponding to
Home |
Main Index |
Thread Index |
Old Index