From owner-svn-src-stable@FreeBSD.ORG Thu Mar 7 23:23:27 2013 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 47B0C88D; Thu, 7 Mar 2013 23:23:27 +0000 (UTC) (envelope-from tuexen@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 3248AA4B; Thu, 7 Mar 2013 23:23:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r27NNRGD051806; Thu, 7 Mar 2013 23:23:27 GMT (envelope-from tuexen@svn.freebsd.org) Received: (from tuexen@localhost) by svn.freebsd.org (8.14.6/8.14.5/Submit) id r27NNPJx051792; Thu, 7 Mar 2013 23:23:25 GMT (envelope-from tuexen@svn.freebsd.org) Message-Id: <201303072323.r27NNPJx051792@svn.freebsd.org> From: Michael Tuexen Date: Thu, 7 Mar 2013 23:23:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r247965 - in stable/8/sys: netinet netinet6 X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Mar 2013 23:23:27 -0000 Author: tuexen Date: Thu Mar 7 23:23:25 2013 New Revision: 247965 URL: http://svnweb.freebsd.org/changeset/base/247965 Log: MFC r237715,r238294: Pass the src and dst address of a received packet explicitly around. Modified: stable/8/sys/netinet/sctp_asconf.c stable/8/sys/netinet/sctp_asconf.h stable/8/sys/netinet/sctp_indata.c stable/8/sys/netinet/sctp_indata.h stable/8/sys/netinet/sctp_input.c stable/8/sys/netinet/sctp_input.h stable/8/sys/netinet/sctp_os_bsd.h stable/8/sys/netinet/sctp_output.c stable/8/sys/netinet/sctp_output.h stable/8/sys/netinet/sctp_pcb.c stable/8/sys/netinet/sctp_pcb.h stable/8/sys/netinet/sctp_usrreq.c stable/8/sys/netinet/sctputil.c stable/8/sys/netinet/sctputil.h stable/8/sys/netinet6/sctp6_usrreq.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/netinet/ (props changed) stable/8/sys/netinet6/ (props changed) Modified: stable/8/sys/netinet/sctp_asconf.c ============================================================================== --- stable/8/sys/netinet/sctp_asconf.c Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_asconf.c Thu Mar 7 23:23:25 2013 (r247965) @@ -50,59 +50,8 @@ __FBSDID("$FreeBSD$"); */ -static void -sctp_asconf_get_source_ip(struct mbuf *m, struct sockaddr *sa) -{ - struct ip *iph; - -#ifdef INET - struct sockaddr_in *sin; - -#endif -#ifdef INET6 - struct sockaddr_in6 *sin6; - -#endif - - iph = mtod(m, struct ip *); - switch (iph->ip_v) { -#ifdef INET - case IPVERSION: - { - /* IPv4 source */ - sin = (struct sockaddr_in *)sa; - bzero(sin, sizeof(*sin)); - sin->sin_family = AF_INET; - sin->sin_len = sizeof(struct sockaddr_in); - sin->sin_port = 0; - sin->sin_addr.s_addr = iph->ip_src.s_addr; - break; - } -#endif -#ifdef INET6 - case (IPV6_VERSION >> 4): - { - /* IPv6 source */ - struct ip6_hdr *ip6; - - sin6 = (struct sockaddr_in6 *)sa; - bzero(sin6, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_len = sizeof(struct sockaddr_in6); - sin6->sin6_port = 0; - ip6 = mtod(m, struct ip6_hdr *); - sin6->sin6_addr = ip6->ip6_src; - break; - } -#endif /* INET6 */ - default: - break; - } - return; -} - /* - * draft-ietf-tsvwg-addip-sctp + * RFC 5061 * * An ASCONF parameter queue exists per asoc which holds the pending address * operations. Lists are updated upon receipt of ASCONF-ACK. @@ -194,12 +143,12 @@ sctp_asconf_error_response(uint32_t id, } static struct mbuf * -sctp_process_asconf_add_ip(struct mbuf *m, struct sctp_asconf_paramhdr *aph, +sctp_process_asconf_add_ip(struct sockaddr *src, struct sctp_asconf_paramhdr *aph, struct sctp_tcb *stcb, int send_hb, int response_required) { struct sctp_nets *net; struct mbuf *m_reply = NULL; - struct sockaddr_storage sa_source, sa_store; + struct sockaddr_storage sa_store; struct sctp_paramhdr *ph; uint16_t param_type, param_length, aparam_length; struct sockaddr *sa; @@ -279,11 +228,10 @@ sctp_process_asconf_add_ip(struct mbuf * /* if 0.0.0.0/::0, add the source address instead */ if (zero_address && SCTP_BASE_SYSCTL(sctp_nat_friendly)) { - sa = (struct sockaddr *)&sa_source; - sctp_asconf_get_source_ip(m, sa); + sa = src; SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_add_ip: using source addr "); - SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa); + SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, src); } /* add the address */ if (bad_address) { @@ -343,11 +291,12 @@ sctp_asconf_del_remote_addrs_except(stru } static struct mbuf * -sctp_process_asconf_delete_ip(struct mbuf *m, struct sctp_asconf_paramhdr *aph, +sctp_process_asconf_delete_ip(struct sockaddr *src, + struct sctp_asconf_paramhdr *aph, struct sctp_tcb *stcb, int response_required) { struct mbuf *m_reply = NULL; - struct sockaddr_storage sa_source, sa_store; + struct sockaddr_storage sa_store; struct sctp_paramhdr *ph; uint16_t param_type, param_length, aparam_length; struct sockaddr *sa; @@ -365,9 +314,6 @@ sctp_process_asconf_delete_ip(struct mbu #endif - /* get the source IP address for src and 0.0.0.0/::0 delete checks */ - sctp_asconf_get_source_ip(m, (struct sockaddr *)&sa_source); - aparam_length = ntohs(aph->ph.param_length); ph = (struct sctp_paramhdr *)(aph + 1); param_type = ntohs(ph->param_type); @@ -424,7 +370,7 @@ sctp_process_asconf_delete_ip(struct mbu } /* make sure the source address is not being deleted */ - if (sctp_cmpaddr(sa, (struct sockaddr *)&sa_source)) { + if (sctp_cmpaddr(sa, src)) { /* trying to delete the source address! */ SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_delete_ip: tried to delete source addr\n"); m_reply = sctp_asconf_error_response(aph->correlation_id, @@ -434,8 +380,7 @@ sctp_process_asconf_delete_ip(struct mbu } /* if deleting 0.0.0.0/::0, delete all addresses except src addr */ if (zero_address && SCTP_BASE_SYSCTL(sctp_nat_friendly)) { - result = sctp_asconf_del_remote_addrs_except(stcb, - (struct sockaddr *)&sa_source); + result = sctp_asconf_del_remote_addrs_except(stcb, src); if (result) { /* src address did not exist? */ @@ -475,12 +420,12 @@ sctp_process_asconf_delete_ip(struct mbu } static struct mbuf * -sctp_process_asconf_set_primary(struct mbuf *m, +sctp_process_asconf_set_primary(struct sockaddr *src, struct sctp_asconf_paramhdr *aph, struct sctp_tcb *stcb, int response_required) { struct mbuf *m_reply = NULL; - struct sockaddr_storage sa_source, sa_store; + struct sockaddr_storage sa_store; struct sctp_paramhdr *ph; uint16_t param_type, param_length, aparam_length; struct sockaddr *sa; @@ -550,11 +495,10 @@ sctp_process_asconf_set_primary(struct m /* if 0.0.0.0/::0, use the source address instead */ if (zero_address && SCTP_BASE_SYSCTL(sctp_nat_friendly)) { - sa = (struct sockaddr *)&sa_source; - sctp_asconf_get_source_ip(m, sa); + sa = src; SCTPDBG(SCTP_DEBUG_ASCONF1, "process_asconf_set_primary: using source addr "); - SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, sa); + SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, src); } /* set the primary address */ if (sctp_set_primary_addr(stcb, sa, NULL) == 0) { @@ -626,6 +570,7 @@ sctp_process_asconf_set_primary(struct m */ void sctp_handle_asconf(struct mbuf *m, unsigned int offset, + struct sockaddr *src, struct sctp_asconf_chunk *cp, struct sctp_tcb *stcb, int first) { @@ -762,13 +707,13 @@ sctp_handle_asconf(struct mbuf *m, unsig switch (param_type) { case SCTP_ADD_IP_ADDRESS: asoc->peer_supports_asconf = 1; - m_result = sctp_process_asconf_add_ip(m, aph, stcb, + m_result = sctp_process_asconf_add_ip(src, aph, stcb, (cnt < SCTP_BASE_SYSCTL(sctp_hb_maxburst)), error); cnt++; break; case SCTP_DEL_IP_ADDRESS: asoc->peer_supports_asconf = 1; - m_result = sctp_process_asconf_delete_ip(m, aph, stcb, + m_result = sctp_process_asconf_delete_ip(src, aph, stcb, error); break; case SCTP_ERROR_CAUSE_IND: @@ -776,7 +721,7 @@ sctp_handle_asconf(struct mbuf *m, unsig break; case SCTP_SET_PRIM_ADDR: asoc->peer_supports_asconf = 1; - m_result = sctp_process_asconf_set_primary(m, aph, + m_result = sctp_process_asconf_set_primary(src, aph, stcb, error); break; case SCTP_NAT_VTAGS: @@ -856,11 +801,7 @@ send_reply: * this could happen if the source address was just newly * added */ - struct sockaddr_storage addr; - struct sockaddr *src = (struct sockaddr *)&addr; - SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf: looking up net for IP source address\n"); - sctp_asconf_get_source_ip(m, src); SCTPDBG(SCTP_DEBUG_ASCONF1, "Looking for IP source: "); SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, src); /* look up the from address */ Modified: stable/8/sys/netinet/sctp_asconf.h ============================================================================== --- stable/8/sys/netinet/sctp_asconf.h Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_asconf.h Thu Mar 7 23:23:25 2013 (r247965) @@ -46,8 +46,8 @@ extern void sctp_asconf_cleanup(struct s extern struct mbuf *sctp_compose_asconf(struct sctp_tcb *, int *, int); extern void -sctp_handle_asconf(struct mbuf *, unsigned int, struct sctp_asconf_chunk *, - struct sctp_tcb *, int i); +sctp_handle_asconf(struct mbuf *, unsigned int, struct sockaddr *, + struct sctp_asconf_chunk *, struct sctp_tcb *, int); extern void sctp_handle_asconf_ack(struct mbuf *, int, struct sctp_asconf_ack_chunk *, Modified: stable/8/sys/netinet/sctp_indata.c ============================================================================== --- stable/8/sys/netinet/sctp_indata.c Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_indata.c Thu Mar 7 23:23:25 2013 (r247965) @@ -2516,6 +2516,7 @@ doit_again: int sctp_process_data(struct mbuf **mm, int iphlen, int *offset, int length, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_inpcb *inp, struct sctp_tcb *stcb, struct sctp_nets *net, uint32_t * high_tsn, uint8_t use_mflowid, uint32_t mflowid, @@ -2626,8 +2627,8 @@ sctp_process_data(struct mbuf **mm, int } stcb->sctp_ep->last_abort_code = SCTP_FROM_SCTP_INDATA + SCTP_LOC_19; - sctp_abort_association(inp, stcb, m, iphlen, sh, - op_err, + sctp_abort_association(inp, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); return (2); @@ -2695,6 +2696,7 @@ sctp_process_data(struct mbuf **mm, int op_err = sctp_generate_invmanparam(SCTP_CAUSE_PROTOCOL_VIOLATION); sctp_abort_association(inp, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); Modified: stable/8/sys/netinet/sctp_indata.h ============================================================================== --- stable/8/sys/netinet/sctp_indata.h Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_indata.h Thu Mar 7 23:23:25 2013 (r247965) @@ -111,7 +111,9 @@ void sctp_update_acked(struct sctp_tcb *, struct sctp_shutdown_chunk *, int *); int -sctp_process_data(struct mbuf **, int, int *, int, struct sctphdr *, +sctp_process_data(struct mbuf **, int, int *, int, + struct sockaddr *src, struct sockaddr *dst, + struct sctphdr *, struct sctp_inpcb *, struct sctp_tcb *, struct sctp_nets *, uint32_t *, uint8_t, uint32_t, Modified: stable/8/sys/netinet/sctp_input.c ============================================================================== --- stable/8/sys/netinet/sctp_input.c Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_input.c Thu Mar 7 23:23:25 2013 (r247965) @@ -80,7 +80,8 @@ sctp_stop_all_cookie_timers(struct sctp_ /* INIT handler */ static void -sctp_handle_init(struct mbuf *m, int iphlen, int offset, struct sctphdr *sh, +sctp_handle_init(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_init_chunk *cp, struct sctp_inpcb *inp, struct sctp_tcb *stcb, int *abort_no_unlock, uint8_t use_mflowid, uint32_t mflowid, @@ -97,7 +98,7 @@ sctp_handle_init(struct mbuf *m, int iph /* validate length */ if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_chunk)) { op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(inp, stcb, m, iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); if (stcb) @@ -109,7 +110,7 @@ sctp_handle_init(struct mbuf *m, int iph if (init->initiate_tag == 0) { /* protocol error... send abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(inp, stcb, m, iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); if (stcb) @@ -119,7 +120,7 @@ sctp_handle_init(struct mbuf *m, int iph if (ntohl(init->a_rwnd) < SCTP_MIN_RWND) { /* invalid parameter... send abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(inp, stcb, m, iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); if (stcb) @@ -129,7 +130,7 @@ sctp_handle_init(struct mbuf *m, int iph if (init->num_inbound_streams == 0) { /* protocol error... send abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(inp, stcb, m, iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); if (stcb) @@ -139,7 +140,7 @@ sctp_handle_init(struct mbuf *m, int iph if (init->num_outbound_streams == 0) { /* protocol error... send abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(inp, stcb, m, iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); if (stcb) @@ -149,7 +150,7 @@ sctp_handle_init(struct mbuf *m, int iph if (sctp_validate_init_auth_params(m, offset + sizeof(*cp), offset + ntohs(cp->ch.chunk_length))) { /* auth parameter(s) error... send abort */ - sctp_abort_association(inp, stcb, m, iphlen, sh, NULL, + sctp_abort_association(inp, stcb, m, iphlen, src, dst, sh, NULL, use_mflowid, mflowid, vrf_id, port); if (stcb) @@ -178,7 +179,7 @@ sctp_handle_init(struct mbuf *m, int iph * state :-) */ if (SCTP_BASE_SYSCTL(sctp_blackhole) == 0) { - sctp_send_abort(m, iphlen, sh, 0, NULL, + sctp_send_abort(m, iphlen, src, dst, sh, 0, NULL, use_mflowid, mflowid, vrf_id, port); } @@ -191,7 +192,8 @@ sctp_handle_init(struct mbuf *m, int iph sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_CONTROL_PROC, SCTP_SO_NOT_LOCKED); } else { SCTPDBG(SCTP_DEBUG_INPUT3, "sctp_handle_init: sending INIT-ACK\n"); - sctp_send_initiate_ack(inp, stcb, m, iphlen, offset, sh, cp, + sctp_send_initiate_ack(inp, stcb, m, iphlen, offset, src, dst, + sh, cp, use_mflowid, mflowid, vrf_id, port, ((stcb == NULL) ? SCTP_HOLDS_LOCK : SCTP_NOT_LOCKED)); @@ -419,7 +421,8 @@ sctp_process_init(struct sctp_init_chunk * INIT-ACK message processing/consumption returns value < 0 on error */ static int -sctp_process_init_ack(struct mbuf *m, int iphlen, int offset, struct sctphdr *sh, +sctp_process_init_ack(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_init_ack_chunk *cp, struct sctp_tcb *stcb, struct sctp_nets *net, int *abort_no_unlock, uint8_t use_mflowid, uint32_t mflowid, @@ -454,13 +457,14 @@ sctp_process_init_ack(struct mbuf *m, in initack_limit = offset + ntohs(cp->ch.chunk_length); /* load all addresses */ if ((retval = sctp_load_addresses_from_init(stcb, m, - (offset + sizeof(struct sctp_init_chunk)), initack_limit, sh, - NULL))) { + (offset + sizeof(struct sctp_init_chunk)), initack_limit, + src, dst, NULL))) { /* Huh, we should abort */ SCTPDBG(SCTP_DEBUG_INPUT1, "Load addresses from INIT causes an abort %d\n", retval); - sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh, NULL, + sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, + src, dst, sh, NULL, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -536,7 +540,7 @@ sctp_process_init_ack(struct mbuf *m, in mp->resv = 0; } sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, - sh, op_err, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -1278,7 +1282,8 @@ sctp_handle_error(struct sctp_chunkhdr * } static int -sctp_handle_init_ack(struct mbuf *m, int iphlen, int offset, struct sctphdr *sh, +sctp_handle_init_ack(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_init_ack_chunk *cp, struct sctp_tcb *stcb, struct sctp_nets *net, int *abort_no_unlock, uint8_t use_mflowid, uint32_t mflowid, @@ -1298,8 +1303,8 @@ sctp_handle_init_ack(struct mbuf *m, int if (ntohs(cp->ch.chunk_length) < sizeof(struct sctp_init_ack_chunk)) { /* Invalid length */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh, - op_err, + sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -1310,8 +1315,8 @@ sctp_handle_init_ack(struct mbuf *m, int if (init_ack->initiate_tag == 0) { /* protocol error... send an abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh, - op_err, + sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -1320,8 +1325,8 @@ sctp_handle_init_ack(struct mbuf *m, int if (ntohl(init_ack->a_rwnd) < SCTP_MIN_RWND) { /* protocol error... send an abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh, - op_err, + sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -1330,8 +1335,8 @@ sctp_handle_init_ack(struct mbuf *m, int if (init_ack->num_inbound_streams == 0) { /* protocol error... send an abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh, - op_err, + sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -1340,8 +1345,8 @@ sctp_handle_init_ack(struct mbuf *m, int if (init_ack->num_outbound_streams == 0) { /* protocol error... send an abort */ op_err = sctp_generate_invmanparam(SCTP_CAUSE_INVALID_PARAM); - sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, sh, - op_err, + sctp_abort_association(stcb->sctp_ep, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, net->port); *abort_no_unlock = 1; @@ -1365,7 +1370,7 @@ sctp_handle_init_ack(struct mbuf *m, int sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_CONFIRMED, stcb, 0, (void *)stcb->asoc.primary_destination, SCTP_SO_NOT_LOCKED); } - if (sctp_process_init_ack(m, iphlen, offset, sh, cp, stcb, + if (sctp_process_init_ack(m, iphlen, offset, src, dst, sh, cp, stcb, net, abort_no_unlock, use_mflowid, mflowid, vrf_id) < 0) { @@ -1419,6 +1424,7 @@ sctp_handle_init_ack(struct mbuf *m, int static struct sctp_tcb * sctp_process_cookie_new(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_state_cookie *cookie, int cookie_len, struct sctp_inpcb *inp, struct sctp_nets **netp, struct sockaddr *init_src, int *notification, @@ -1435,6 +1441,7 @@ sctp_process_cookie_new(struct mbuf *m, */ static struct sctp_tcb * sctp_process_cookie_existing(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_state_cookie *cookie, int cookie_len, struct sctp_inpcb *inp, struct sctp_tcb *stcb, struct sctp_nets **netp, struct sockaddr *init_src, int *notification, @@ -1477,7 +1484,7 @@ sctp_process_cookie_existing(struct mbuf ph = mtod(op_err, struct sctp_paramhdr *); ph->param_type = htons(SCTP_CAUSE_COOKIE_IN_SHUTDOWN); ph->param_length = htons(sizeof(struct sctp_paramhdr)); - sctp_send_operr_to(m, sh, cookie->peers_vtag, op_err, + sctp_send_operr_to(src, dst, sh, cookie->peers_vtag, op_err, use_mflowid, mflowid, vrf_id, net->port); if (how_indx < sizeof(asoc->cookie_how)) @@ -1642,7 +1649,7 @@ sctp_process_cookie_existing(struct mbuf */ if (sctp_load_addresses_from_init(stcb, m, init_offset + sizeof(struct sctp_init_chunk), - initack_offset, sh, init_src)) { + initack_offset, src, dst, init_src)) { if (how_indx < sizeof(asoc->cookie_how)) asoc->cookie_how[how_indx] = 4; return (NULL); @@ -1703,7 +1710,7 @@ sctp_process_cookie_existing(struct mbuf ph = mtod(op_err, struct sctp_paramhdr *); ph->param_type = htons(SCTP_CAUSE_NAT_COLLIDING_STATE); ph->param_length = htons(sizeof(struct sctp_paramhdr)); - sctp_send_abort(m, iphlen, sh, 0, op_err, + sctp_send_abort(m, iphlen, src, dst, sh, 0, op_err, use_mflowid, mflowid, vrf_id, port); return (NULL); @@ -1786,7 +1793,7 @@ sctp_process_cookie_existing(struct mbuf } if (sctp_load_addresses_from_init(stcb, m, init_offset + sizeof(struct sctp_init_chunk), - initack_offset, sh, init_src)) { + initack_offset, src, dst, init_src)) { if (how_indx < sizeof(asoc->cookie_how)) asoc->cookie_how[how_indx] = 10; return (NULL); @@ -1867,7 +1874,8 @@ sctp_process_cookie_existing(struct mbuf * cookie_new code since we are allowing a duplicate * association. I hope this works... */ - return (sctp_process_cookie_new(m, iphlen, offset, sh, cookie, cookie_len, + return (sctp_process_cookie_new(m, iphlen, offset, src, dst, + sh, cookie, cookie_len, inp, netp, init_src, notification, auth_skipped, auth_offset, auth_len, use_mflowid, mflowid, @@ -1972,7 +1980,7 @@ sctp_process_cookie_existing(struct mbuf if (sctp_load_addresses_from_init(stcb, m, init_offset + sizeof(struct sctp_init_chunk), - initack_offset, sh, init_src)) { + initack_offset, src, dst, init_src)) { if (how_indx < sizeof(asoc->cookie_how)) asoc->cookie_how[how_indx] = 14; @@ -2003,6 +2011,7 @@ sctp_process_cookie_existing(struct mbuf */ static struct sctp_tcb * sctp_process_cookie_new(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_state_cookie *cookie, int cookie_len, struct sctp_inpcb *inp, struct sctp_nets **netp, struct sockaddr *init_src, int *notification, @@ -2102,7 +2111,7 @@ sctp_process_cookie_new(struct mbuf *m, op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen, - sh, op_err, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); return (NULL); @@ -2130,7 +2139,7 @@ sctp_process_cookie_new(struct mbuf *m, atomic_add_int(&stcb->asoc.refcnt, 1); op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); sctp_abort_association(inp, (struct sctp_tcb *)NULL, m, iphlen, - sh, op_err, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); #if defined(__APPLE__) || defined(SCTP_SO_LOCK_TESTING) @@ -2179,8 +2188,8 @@ sctp_process_cookie_new(struct mbuf *m, } /* load all addresses */ if (sctp_load_addresses_from_init(stcb, m, - init_offset + sizeof(struct sctp_init_chunk), initack_offset, sh, - init_src)) { + init_offset + sizeof(struct sctp_init_chunk), initack_offset, + src, dst, init_src)) { atomic_add_int(&stcb->asoc.refcnt, 1); #if defined(__APPLE__) || defined(SCTP_SO_LOCK_TESTING) SCTP_TCB_UNLOCK(stcb); @@ -2376,6 +2385,7 @@ sctp_process_cookie_new(struct mbuf *m, */ static struct mbuf * sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_cookie_echo_chunk *cp, struct sctp_inpcb **inp_p, struct sctp_tcb **stcb, struct sctp_nets **netp, int auth_skipped, uint32_t auth_offset, uint32_t auth_len, @@ -2396,9 +2406,6 @@ sctp_handle_cookie_echo(struct mbuf *m, unsigned int cookie_len; struct timeval now; struct timeval time_expires; - struct sockaddr_storage dest_store; - struct sockaddr *localep_sa = (struct sockaddr *)&dest_store; - struct ip *iph; int notification = 0; struct sctp_nets *netl; int had_a_existing_tcb = 0; @@ -2419,45 +2426,6 @@ sctp_handle_cookie_echo(struct mbuf *m, if (inp_p == NULL) { return (NULL); } - /* First get the destination address setup too. */ - iph = mtod(m, struct ip *); - switch (iph->ip_v) { -#ifdef INET - case IPVERSION: - { - /* its IPv4 */ - struct sockaddr_in *lsin; - - lsin = (struct sockaddr_in *)(localep_sa); - memset(lsin, 0, sizeof(*lsin)); - lsin->sin_family = AF_INET; - lsin->sin_len = sizeof(*lsin); - lsin->sin_port = sh->dest_port; - lsin->sin_addr.s_addr = iph->ip_dst.s_addr; - break; - } -#endif -#ifdef INET6 - case IPV6_VERSION >> 4: - { - /* its IPv6 */ - struct ip6_hdr *ip6; - struct sockaddr_in6 *lsin6; - - lsin6 = (struct sockaddr_in6 *)(localep_sa); - memset(lsin6, 0, sizeof(*lsin6)); - lsin6->sin6_family = AF_INET6; - lsin6->sin6_len = sizeof(struct sockaddr_in6); - ip6 = mtod(m, struct ip6_hdr *); - lsin6->sin6_port = sh->dest_port; - lsin6->sin6_addr = ip6->ip6_dst; - break; - } -#endif - default: - return (NULL); - } - cookie = &cp->cookie; cookie_offset = offset + sizeof(struct sctp_chunkhdr); cookie_len = ntohs(cp->ch.chunk_length); @@ -2608,7 +2576,7 @@ sctp_handle_cookie_echo(struct mbuf *m, if (tim == 0) tim = now.tv_usec - cookie->time_entered.tv_usec; scm->time_usec = htonl(tim); - sctp_send_operr_to(m, sh, cookie->peers_vtag, op_err, + sctp_send_operr_to(src, dst, sh, cookie->peers_vtag, op_err, use_mflowid, mflowid, vrf_id, port); return (NULL); @@ -2652,7 +2620,7 @@ sctp_handle_cookie_echo(struct mbuf *m, } if ((*stcb == NULL) && to) { /* Yep, lets check */ - *stcb = sctp_findassociation_ep_addr(inp_p, to, netp, localep_sa, NULL); + *stcb = sctp_findassociation_ep_addr(inp_p, to, netp, dst, NULL); if (*stcb == NULL) { /* * We should have only got back the same inp. If we @@ -2695,15 +2663,17 @@ sctp_handle_cookie_echo(struct mbuf *m, cookie_len -= SCTP_SIGNATURE_SIZE; if (*stcb == NULL) { /* this is the "normal" case... get a new TCB */ - *stcb = sctp_process_cookie_new(m, iphlen, offset, sh, cookie, - cookie_len, *inp_p, netp, to, ¬ification, + *stcb = sctp_process_cookie_new(m, iphlen, offset, src, dst, sh, + cookie, cookie_len, *inp_p, + netp, to, ¬ification, auth_skipped, auth_offset, auth_len, use_mflowid, mflowid, vrf_id, port); } else { /* this is abnormal... cookie-echo on existing TCB */ had_a_existing_tcb = 1; - *stcb = sctp_process_cookie_existing(m, iphlen, offset, sh, + *stcb = sctp_process_cookie_existing(m, iphlen, offset, + src, dst, sh, cookie, cookie_len, *inp_p, *stcb, netp, to, ¬ification, auth_skipped, auth_offset, auth_len, use_mflowid, mflowid, @@ -2788,7 +2758,7 @@ sctp_handle_cookie_echo(struct mbuf *m, SCTPDBG(SCTP_DEBUG_INPUT1, "process_cookie_new: no room for another socket!\n"); op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); sctp_abort_association(*inp_p, NULL, m, iphlen, - sh, op_err, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); #if defined(__APPLE__) || defined(SCTP_SO_LOCK_TESTING) @@ -4404,6 +4374,7 @@ __attribute__((noinline)) #endif static struct sctp_tcb * sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, + struct sockaddr *src, struct sockaddr *dst, struct sctphdr *sh, struct sctp_chunkhdr *ch, struct sctp_inpcb *inp, struct sctp_tcb *stcb, struct sctp_nets **netp, int *fwd_tsn_seen, uint8_t use_mflowid, uint32_t mflowid, @@ -4520,7 +4491,9 @@ __attribute__((noinline)) if (asconf_len < sizeof(struct sctp_asconf_paramhdr)) break; stcb = sctp_findassociation_ep_asconf(m, - *offset, sh, &inp, netp, vrf_id); + *offset, + dst, + sh, &inp, netp, vrf_id); if (stcb != NULL) break; asconf_offset += SCTP_SIZE32(asconf_len); @@ -4562,7 +4535,7 @@ __attribute__((noinline)) } if (stcb == NULL) { /* no association, so it's out of the blue... */ - sctp_handle_ootb(m, iphlen, *offset, sh, inp, + sctp_handle_ootb(m, iphlen, *offset, src, dst, sh, inp, use_mflowid, mflowid, vrf_id, port); *offset = length; @@ -4600,7 +4573,8 @@ __attribute__((noinline)) if (locked_tcb) { SCTP_TCB_UNLOCK(locked_tcb); } - sctp_handle_ootb(m, iphlen, *offset, sh, inp, + sctp_handle_ootb(m, iphlen, *offset, src, dst, + sh, inp, use_mflowid, mflowid, vrf_id, port); return (NULL); @@ -4742,8 +4716,8 @@ process_control_chunks: /* The INIT chunk must be the only chunk. */ if ((num_chunks > 1) || (length - *offset > (int)SCTP_SIZE32(chk_length))) { - sctp_abort_association(inp, stcb, m, - iphlen, sh, NULL, + sctp_abort_association(inp, stcb, m, iphlen, + src, dst, sh, NULL, use_mflowid, mflowid, vrf_id, port); *offset = length; @@ -4754,14 +4728,14 @@ process_control_chunks: struct mbuf *op_err; op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); - sctp_abort_association(inp, stcb, m, - iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); *offset = length; return (NULL); } - sctp_handle_init(m, iphlen, *offset, sh, + sctp_handle_init(m, iphlen, *offset, src, dst, sh, (struct sctp_init_chunk *)ch, inp, stcb, &abort_no_unlock, use_mflowid, mflowid, @@ -4813,7 +4787,8 @@ process_control_chunks: return (NULL); } if ((netp) && (*netp)) { - ret = sctp_handle_init_ack(m, iphlen, *offset, sh, + ret = sctp_handle_init_ack(m, iphlen, *offset, + src, dst, sh, (struct sctp_init_ack_chunk *)ch, stcb, *netp, &abort_no_unlock, @@ -5123,8 +5098,8 @@ process_control_chunks: struct mbuf *op_err; op_err = sctp_generate_invmanparam(SCTP_CAUSE_OUT_OF_RESC); - sctp_abort_association(inp, stcb, m, - iphlen, sh, op_err, + sctp_abort_association(inp, stcb, m, iphlen, + src, dst, sh, op_err, use_mflowid, mflowid, vrf_id, port); } @@ -5151,7 +5126,9 @@ process_control_chunks: if (netp) { ret_buf = sctp_handle_cookie_echo(m, iphlen, - *offset, sh, + *offset, + src, dst, + sh, (struct sctp_cookie_echo_chunk *)ch, &inp, &stcb, netp, auth_skipped, @@ -5314,7 +5291,7 @@ process_control_chunks: __LINE__); } stcb->asoc.overall_error_count = 0; - sctp_handle_asconf(m, *offset, + sctp_handle_asconf(m, *offset, src, (struct sctp_asconf_chunk *)ch, stcb, asconf_cnt == 0); asconf_cnt++; } @@ -5610,8 +5587,9 @@ __attribute__((noinline)) * common input chunk processing (v4 and v6) */ void -sctp_common_input_processing(struct mbuf **mm, int iphlen, int offset, - int length, struct sctphdr *sh, struct sctp_chunkhdr *ch, +sctp_common_input_processing(struct mbuf **mm, int iphlen, int offset, int length, + struct sockaddr *src, struct sockaddr *dst, + struct sctphdr *sh, struct sctp_chunkhdr *ch, struct sctp_inpcb *inp, struct sctp_tcb *stcb, struct sctp_nets *net, uint8_t ecn_bits, uint8_t use_mflowid, uint32_t mflowid, @@ -5650,7 +5628,7 @@ sctp_common_input_processing(struct mbuf * NOT respond to any packet.. its OOTB. */ SCTP_TCB_UNLOCK(stcb); - sctp_handle_ootb(m, iphlen, offset, sh, inp, + sctp_handle_ootb(m, iphlen, offset, src, dst, sh, inp, use_mflowid, mflowid, vrf_id, port); goto out_now; @@ -5659,7 +5637,8 @@ sctp_common_input_processing(struct mbuf if (IS_SCTP_CONTROL(ch)) { /* process the control portion of the SCTP packet */ /* sa_ignore NO_NULL_CHK */ - stcb = sctp_process_control(m, iphlen, &offset, length, sh, ch, + stcb = sctp_process_control(m, iphlen, &offset, length, + src, dst, sh, ch, inp, stcb, &net, &fwd_tsn_seen, use_mflowid, mflowid, vrf_id, port); @@ -5697,7 +5676,7 @@ sctp_common_input_processing(struct mbuf } if (stcb == NULL) { /* out of the blue DATA chunk */ - sctp_handle_ootb(m, iphlen, offset, sh, inp, + sctp_handle_ootb(m, iphlen, offset, src, dst, sh, inp, use_mflowid, mflowid, vrf_id, port); goto out_now; @@ -5767,7 +5746,7 @@ sctp_common_input_processing(struct mbuf /* * We consider OOTB any data sent during asoc setup. */ - sctp_handle_ootb(m, iphlen, offset, sh, inp, + sctp_handle_ootb(m, iphlen, offset, src, dst, sh, inp, use_mflowid, mflowid, vrf_id, port); SCTP_TCB_UNLOCK(stcb); @@ -5788,7 +5767,8 @@ sctp_common_input_processing(struct mbuf break; } /* plow through the data chunks while length > offset */ - retval = sctp_process_data(mm, iphlen, &offset, length, sh, + retval = sctp_process_data(mm, iphlen, &offset, length, + src, dst, sh, inp, stcb, net, &high_tsn, use_mflowid, mflowid, vrf_id, port); @@ -5883,6 +5863,7 @@ sctp_input_with_port(struct mbuf *i_pak, int iphlen; uint32_t vrf_id = 0; uint8_t ecn_bits; + struct sockaddr_in src, dst; struct ip *ip; struct sctphdr *sh; struct sctp_chunkhdr *ch; @@ -5932,18 +5913,27 @@ sctp_input_with_port(struct mbuf *i_pak, SCTP_STAT_INCR(sctps_recvpackets); SCTP_STAT_INCR_COUNTER64(sctps_inpackets); /* Get IP, SCTP, and first chunk header together in the first mbuf. */ - ip = mtod(m, struct ip *); offset = iphlen + sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr); if (SCTP_BUF_LEN(m) < offset) { - if ((m = m_pullup(m, offset)) == 0) { + if ((m = m_pullup(m, offset)) == NULL) { SCTP_STAT_INCR(sctps_hdrops); return; } - ip = mtod(m, struct ip *); } + ip = mtod(m, struct ip *); sh = (struct sctphdr *)((caddr_t)ip + iphlen); ch = (struct sctp_chunkhdr *)((caddr_t)sh + sizeof(struct sctphdr)); offset -= sizeof(struct sctp_chunkhdr); + memset(&src, 0, sizeof(struct sockaddr_in)); + src.sin_family = AF_INET; + src.sin_len = sizeof(struct sockaddr_in); + src.sin_port = sh->src_port; + src.sin_addr = ip->ip_src; + memset(&dst, 0, sizeof(struct sockaddr_in)); + dst.sin_family = AF_INET; + dst.sin_len = sizeof(struct sockaddr_in); + dst.sin_port = sh->dest_port; + dst.sin_addr = ip->ip_dst; length = ip->ip_len + iphlen; /* Validate mbuf chain length with IP payload length. */ if (SCTP_HEADER_LEN(i_pak) != length) { @@ -5953,10 +5943,10 @@ sctp_input_with_port(struct mbuf *i_pak, goto bad; } /* SCTP does not allow broadcasts or multicasts */ - if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) { + if (IN_MULTICAST(ntohl(dst.sin_addr.s_addr))) { goto bad; } - if (SCTP_IS_IT_BROADCAST(ip->ip_dst, m)) { + if (SCTP_IS_IT_BROADCAST(dst.sin_addr, m)) { goto bad; } SCTPDBG(SCTP_DEBUG_INPUT1, @@ -5982,6 +5972,8 @@ sctp_input_with_port(struct mbuf *i_pak, SCTPDBG(SCTP_DEBUG_INPUT1, "Bad CSUM on SCTP packet calc_check:%x check:%x m:%p mlen:%d iphlen:%d\n", calc_check, check, m, length, iphlen); stcb = sctp_findassociation_addr(m, offset, + (struct sockaddr *)&src, + (struct sockaddr *)&dst, sh, ch, &inp, &net, vrf_id); if ((net) && (port)) { if (net->port == 0) { @@ -6013,6 +6005,8 @@ sctp_skip_csum: goto bad; } stcb = sctp_findassociation_addr(m, offset, + (struct sockaddr *)&src, + (struct sockaddr *)&dst, sh, ch, &inp, &net, vrf_id); if ((net) && (port)) { if (net->port == 0) { @@ -6031,7 +6025,9 @@ sctp_skip_csum: if (badport_bandlim(BANDLIM_SCTP_OOTB) < 0) goto bad; if (ch->chunk_type == SCTP_SHUTDOWN_ACK) { - sctp_send_shutdown_complete2(m, sh, + sctp_send_shutdown_complete2((struct sockaddr *)&src, + (struct sockaddr *)&dst, + sh, use_mflowid, mflowid, vrf_id, port); goto bad; @@ -6043,7 +6039,10 @@ sctp_skip_csum: if ((SCTP_BASE_SYSCTL(sctp_blackhole) == 0) || ((SCTP_BASE_SYSCTL(sctp_blackhole) == 1) && (ch->chunk_type != SCTP_INIT))) { - sctp_send_abort(m, iphlen, sh, 0, NULL, + sctp_send_abort(m, iphlen, + (struct sockaddr *)&src, + (struct sockaddr *)&dst, + sh, 0, NULL, use_mflowid, mflowid, vrf_id, port); } @@ -6066,8 +6065,10 @@ sctp_skip_csum: ecn_bits = ip->ip_tos; /* sa_ignore NO_NULL_CHK */ - sctp_common_input_processing(&m, iphlen, offset, length, sh, ch, - inp, stcb, net, ecn_bits, + sctp_common_input_processing(&m, iphlen, offset, length, + (struct sockaddr *)&src, + (struct sockaddr *)&dst, + sh, ch, inp, stcb, net, ecn_bits, use_mflowid, mflowid, vrf_id, port); if (m) { @@ -6119,15 +6120,14 @@ sctp_input(struct mbuf *m, int off) * No flow id built by lower layers fix it so we * create one. */ - ip = mtod(m, struct ip *); - offset = off + sizeof(*sh); + offset = off + sizeof(struct sctphdr); if (SCTP_BUF_LEN(m) < offset) { - if ((m = m_pullup(m, offset)) == 0) { + if ((m = m_pullup(m, offset)) == NULL) { SCTP_STAT_INCR(sctps_hdrops); return; } - ip = mtod(m, struct ip *); } + ip = mtod(m, struct ip *); sh = (struct sctphdr *)((caddr_t)ip + off); tag = htonl(sh->v_tag); flowid = tag ^ ntohs(sh->dest_port) ^ ntohs(sh->src_port); Modified: stable/8/sys/netinet/sctp_input.h ============================================================================== --- stable/8/sys/netinet/sctp_input.h Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_input.h Thu Mar 7 23:23:25 2013 (r247965) @@ -39,6 +39,7 @@ __FBSDID("$FreeBSD$"); #if defined(_KERNEL) || defined(__Userspace__) void sctp_common_input_processing(struct mbuf **, int, int, int, + struct sockaddr *, struct sockaddr *, struct sctphdr *, struct sctp_chunkhdr *, struct sctp_inpcb *, struct sctp_tcb *, struct sctp_nets *, uint8_t, Modified: stable/8/sys/netinet/sctp_os_bsd.h ============================================================================== --- stable/8/sys/netinet/sctp_os_bsd.h Thu Mar 7 23:18:35 2013 (r247964) +++ stable/8/sys/netinet/sctp_os_bsd.h Thu Mar 7 23:23:25 2013 (r247965) @@ -177,18 +177,9 @@ MALLOC_DECLARE(SCTP_M_MCORE); } \ } while (0); \ } -#define SCTPDBG_PKT(level, iph, sh) \ -{ \ - do { \ - if (SCTP_BASE_SYSCTL(sctp_debug_on) & level) { \ - sctp_print_address_pkt(iph, sh); \ - } \ - } while (0); \ -} #else #define SCTPDBG(level, params...) #define SCTPDBG_ADDR(level, addr) *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***