File: | src/sbin/iked/vroute.c |
Warning: | line 220, column 7 Use of memory after it is freed |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: vroute.c,v 1.19 2023/06/13 12:34:12 tb Exp $ */ | |||
2 | ||||
3 | /* | |||
4 | * Copyright (c) 2021 Tobias Heider <tobhe@openbsd.org> | |||
5 | * | |||
6 | * Permission to use, copy, modify, and distribute this software for any | |||
7 | * purpose with or without fee is hereby granted, provided that the above | |||
8 | * copyright notice and this permission notice appear in all copies. | |||
9 | * | |||
10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | |||
13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |||
15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |||
16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |||
17 | */ | |||
18 | ||||
19 | #include <sys/ioctl.h> | |||
20 | ||||
21 | #include <net/if.h> | |||
22 | #include <net/route.h> | |||
23 | #include <netinet/in.h> | |||
24 | #include <netinet6/in6_var.h> | |||
25 | #include <netinet6/nd6.h> | |||
26 | ||||
27 | #include <event.h> | |||
28 | #include <err.h> | |||
29 | #include <errno(*__errno()).h> | |||
30 | #include <poll.h> | |||
31 | #include <string.h> | |||
32 | #include <strings.h> | |||
33 | #include <unistd.h> | |||
34 | #include <netdb.h> | |||
35 | ||||
36 | #include <iked.h> | |||
37 | ||||
38 | #define ROUTE_SOCKET_BUF_SIZE16384 16384 | |||
39 | #define IKED_VROUTE_PRIO6 6 | |||
40 | ||||
41 | #define ROUNDUP(a)(a>0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long )) (a>0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) | |||
42 | ||||
43 | int vroute_setroute(struct iked *, uint32_t, struct sockaddr *, uint8_t, | |||
44 | struct sockaddr *, int); | |||
45 | int vroute_doroute(struct iked *, int, int, int, uint8_t, struct sockaddr *, | |||
46 | struct sockaddr *, struct sockaddr *, int *); | |||
47 | int vroute_doaddr(struct iked *, char *, struct sockaddr *, struct sockaddr *, int); | |||
48 | int vroute_dodns(struct iked *, struct sockaddr *, int, unsigned int); | |||
49 | void vroute_cleanup(struct iked *); | |||
50 | void vroute_rtmsg_cb(int, short, void *); | |||
51 | ||||
52 | void vroute_insertaddr(struct iked *, int, struct sockaddr *, struct sockaddr *); | |||
53 | void vroute_removeaddr(struct iked *, int, struct sockaddr *, struct sockaddr *); | |||
54 | void vroute_insertdns(struct iked *, int, struct sockaddr *); | |||
55 | void vroute_removedns(struct iked *, int, struct sockaddr *); | |||
56 | void vroute_insertroute(struct iked *, int, struct sockaddr *, struct sockaddr *); | |||
57 | void vroute_removeroute(struct iked *, int, struct sockaddr *, struct sockaddr *); | |||
58 | ||||
59 | struct vroute_addr { | |||
60 | int va_ifidx; | |||
61 | struct sockaddr_storage va_addr; | |||
62 | struct sockaddr_storage va_mask; | |||
63 | TAILQ_ENTRY(vroute_addr)struct { struct vroute_addr *tqe_next; struct vroute_addr **tqe_prev ; } va_entry; | |||
64 | }; | |||
65 | TAILQ_HEAD(vroute_addrs, vroute_addr)struct vroute_addrs { struct vroute_addr *tqh_first; struct vroute_addr **tqh_last; }; | |||
66 | ||||
67 | struct vroute_route { | |||
68 | int vr_rdomain; | |||
69 | int vr_flags; | |||
70 | struct sockaddr_storage vr_dest; | |||
71 | struct sockaddr_storage vr_mask; | |||
72 | TAILQ_ENTRY(vroute_route)struct { struct vroute_route *tqe_next; struct vroute_route * *tqe_prev; } vr_entry; | |||
73 | }; | |||
74 | TAILQ_HEAD(vroute_routes, vroute_route)struct vroute_routes { struct vroute_route *tqh_first; struct vroute_route **tqh_last; }; | |||
75 | ||||
76 | struct vroute_dns { | |||
77 | struct sockaddr_storage vd_addr; | |||
78 | int vd_ifidx; | |||
79 | TAILQ_ENTRY(vroute_dns)struct { struct vroute_dns *tqe_next; struct vroute_dns **tqe_prev ; } vd_entry; | |||
80 | }; | |||
81 | TAILQ_HEAD(vroute_dnss, vroute_dns)struct vroute_dnss { struct vroute_dns *tqh_first; struct vroute_dns **tqh_last; }; | |||
82 | ||||
83 | struct iked_vroute_sc { | |||
84 | struct vroute_addrs ivr_addrs; | |||
85 | struct vroute_routes ivr_routes; | |||
86 | struct vroute_dnss ivr_dnss; | |||
87 | struct event ivr_routeev; | |||
88 | int ivr_iosock; | |||
89 | int ivr_iosock6; | |||
90 | int ivr_rtsock; | |||
91 | int ivr_rtseq; | |||
92 | pid_t ivr_pid; | |||
93 | }; | |||
94 | ||||
95 | struct vroute_msg { | |||
96 | struct rt_msghdr vm_rtm; | |||
97 | uint8_t vm_space[512]; | |||
98 | }; | |||
99 | ||||
100 | int vroute_process(struct iked *, int msglen, struct vroute_msg *, | |||
101 | struct sockaddr *, struct sockaddr *, struct sockaddr *, int *); | |||
102 | ||||
103 | void | |||
104 | vroute_rtmsg_cb(int fd, short events, void *arg) | |||
105 | { | |||
106 | struct iked *env = (struct iked *) arg; | |||
107 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
108 | struct vroute_dns *dns; | |||
109 | static uint8_t *buf; | |||
110 | struct rt_msghdr *rtm; | |||
111 | ssize_t n; | |||
112 | ||||
113 | if (buf == NULL((void *)0)) { | |||
114 | buf = malloc(ROUTE_SOCKET_BUF_SIZE16384); | |||
115 | if (buf == NULL((void *)0)) | |||
116 | fatal("malloc"); | |||
117 | } | |||
118 | rtm = (struct rt_msghdr *)buf; | |||
119 | if ((n = read(fd, buf, ROUTE_SOCKET_BUF_SIZE16384)) == -1) { | |||
120 | if (errno(*__errno()) == EAGAIN35 || errno(*__errno()) == EINTR4) | |||
121 | return; | |||
122 | log_warn("%s: read error", __func__); | |||
123 | return; | |||
124 | } | |||
125 | ||||
126 | if (n == 0) | |||
127 | fatal("routing socket closed"); | |||
128 | ||||
129 | if (n < (ssize_t)sizeof(rtm->rtm_msglen) || n < rtm->rtm_msglen) { | |||
130 | log_warnx("partial rtm of %zd in buffer", n); | |||
131 | return; | |||
132 | } | |||
133 | ||||
134 | if (rtm->rtm_version != RTM_VERSION5) | |||
135 | return; | |||
136 | ||||
137 | switch(rtm->rtm_type) { | |||
138 | case RTM_PROPOSAL0x13: | |||
139 | if (rtm->rtm_priority == RTP_PROPOSAL_SOLICIT62) { | |||
140 | TAILQ_FOREACH(dns, &ivr->ivr_dnss, vd_entry)for((dns) = ((&ivr->ivr_dnss)->tqh_first); (dns) != ((void *)0); (dns) = ((dns)->vd_entry.tqe_next)) { | |||
141 | log_debug("%s: got solicit", __func__); | |||
142 | vroute_dodns(env, (struct sockaddr *) &dns->vd_addr, | |||
143 | 1, dns->vd_ifidx); | |||
144 | } | |||
145 | } | |||
146 | break; | |||
147 | default: | |||
148 | log_debug("%s: unexpected RTM: %d", __func__, rtm->rtm_type); | |||
149 | break; | |||
150 | } | |||
151 | } | |||
152 | ||||
153 | void | |||
154 | vroute_init(struct iked *env) | |||
155 | { | |||
156 | struct iked_vroute_sc *ivr; | |||
157 | int rtfilter; | |||
158 | ||||
159 | ivr = calloc(1, sizeof(*ivr)); | |||
160 | if (ivr == NULL((void *)0)) | |||
161 | fatal("%s: calloc.", __func__); | |||
162 | ||||
163 | if ((ivr->ivr_iosock = socket(AF_INET2, SOCK_DGRAM2, 0)) == -1) | |||
164 | fatal("%s: failed to create ioctl socket", __func__); | |||
165 | ||||
166 | if ((ivr->ivr_iosock6 = socket(AF_INET624, SOCK_DGRAM2, 0)) == -1) | |||
167 | fatal("%s: failed to create ioctl socket", __func__); | |||
168 | ||||
169 | if ((ivr->ivr_rtsock = socket(AF_ROUTE17, SOCK_RAW3, AF_UNSPEC0)) == -1) | |||
170 | fatal("%s: failed to create routing socket", __func__); | |||
171 | ||||
172 | rtfilter = ROUTE_FILTER(RTM_GET)(1 << (0x4)) | ROUTE_FILTER(RTM_PROPOSAL)(1 << (0x13)); | |||
173 | if (setsockopt(ivr->ivr_rtsock, AF_ROUTE17, ROUTE_MSGFILTER1, &rtfilter, | |||
174 | sizeof(rtfilter)) == -1) | |||
175 | fatal("%s: setsockopt(ROUTE_MSGFILTER)", __func__); | |||
176 | ||||
177 | TAILQ_INIT(&ivr->ivr_addrs)do { (&ivr->ivr_addrs)->tqh_first = ((void *)0); (& ivr->ivr_addrs)->tqh_last = &(&ivr->ivr_addrs )->tqh_first; } while (0); | |||
178 | TAILQ_INIT(&ivr->ivr_dnss)do { (&ivr->ivr_dnss)->tqh_first = ((void *)0); (& ivr->ivr_dnss)->tqh_last = &(&ivr->ivr_dnss) ->tqh_first; } while (0); | |||
179 | TAILQ_INIT(&ivr->ivr_routes)do { (&ivr->ivr_routes)->tqh_first = ((void *)0); ( &ivr->ivr_routes)->tqh_last = &(&ivr->ivr_routes )->tqh_first; } while (0); | |||
180 | ||||
181 | ivr->ivr_pid = getpid(); | |||
182 | ||||
183 | env->sc_vroute = ivr; | |||
184 | ||||
185 | event_set(&ivr->ivr_routeev, ivr->ivr_rtsock, EV_READ0x02 | EV_PERSIST0x10, | |||
186 | vroute_rtmsg_cb, env); | |||
187 | event_add(&ivr->ivr_routeev, NULL((void *)0)); | |||
188 | } | |||
189 | ||||
190 | void | |||
191 | vroute_cleanup(struct iked *env) | |||
192 | { | |||
193 | char ifname[IF_NAMESIZE16]; | |||
194 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
195 | struct vroute_addr *addr; | |||
196 | struct vroute_route *route; | |||
197 | struct vroute_dns *dns; | |||
198 | ||||
199 | while ((addr = TAILQ_FIRST(&ivr->ivr_addrs)((&ivr->ivr_addrs)->tqh_first))) { | |||
| ||||
200 | if_indextoname(addr->va_ifidx, ifname); | |||
201 | vroute_doaddr(env, ifname, | |||
202 | (struct sockaddr *)&addr->va_addr, | |||
203 | (struct sockaddr *)&addr->va_mask, 0); | |||
204 | TAILQ_REMOVE(&ivr->ivr_addrs, addr, va_entry)do { if (((addr)->va_entry.tqe_next) != ((void *)0)) (addr )->va_entry.tqe_next->va_entry.tqe_prev = (addr)->va_entry .tqe_prev; else (&ivr->ivr_addrs)->tqh_last = (addr )->va_entry.tqe_prev; *(addr)->va_entry.tqe_prev = (addr )->va_entry.tqe_next; ; ; } while (0); | |||
205 | free(addr); | |||
206 | } | |||
207 | ||||
208 | while ((route = TAILQ_FIRST(&ivr->ivr_routes)((&ivr->ivr_routes)->tqh_first))) { | |||
209 | vroute_doroute(env, RTF_UP0x1 | RTF_GATEWAY0x2 | RTF_STATIC0x800, | |||
210 | route->vr_flags, route->vr_rdomain, RTM_DELETE0x2, | |||
211 | (struct sockaddr *)&route->vr_dest, | |||
212 | (struct sockaddr *)&route->vr_mask, | |||
213 | NULL((void *)0), NULL((void *)0)); | |||
214 | TAILQ_REMOVE(&ivr->ivr_routes, route, vr_entry)do { if (((route)->vr_entry.tqe_next) != ((void *)0)) (route )->vr_entry.tqe_next->vr_entry.tqe_prev = (route)->vr_entry .tqe_prev; else (&ivr->ivr_routes)->tqh_last = (route )->vr_entry.tqe_prev; *(route)->vr_entry.tqe_prev = (route )->vr_entry.tqe_next; ; ; } while (0); | |||
215 | free(route); | |||
216 | } | |||
217 | ||||
218 | while ((dns = TAILQ_FIRST(&ivr->ivr_dnss)((&ivr->ivr_dnss)->tqh_first))) { | |||
219 | vroute_dodns(env, (struct sockaddr *)&dns->vd_addr, 0, | |||
220 | dns->vd_ifidx); | |||
| ||||
221 | TAILQ_REMOVE(&ivr->ivr_dnss, dns, vd_entry)do { if (((dns)->vd_entry.tqe_next) != ((void *)0)) (dns)-> vd_entry.tqe_next->vd_entry.tqe_prev = (dns)->vd_entry. tqe_prev; else (&ivr->ivr_dnss)->tqh_last = (dns)-> vd_entry.tqe_prev; *(dns)->vd_entry.tqe_prev = (dns)->vd_entry .tqe_next; ; ; } while (0); | |||
222 | free(dns); | |||
223 | } | |||
224 | } | |||
225 | ||||
226 | int | |||
227 | vroute_setaddr(struct iked *env, int add, struct sockaddr *addr, | |||
228 | int mask, unsigned int ifidx) | |||
229 | { | |||
230 | struct iovec iov[4]; | |||
231 | int iovcnt; | |||
232 | struct sockaddr_in mask4; | |||
233 | struct sockaddr_in6 mask6; | |||
234 | ||||
235 | iovcnt = 0; | |||
236 | iov[0].iov_base = addr; | |||
237 | iov[0].iov_len = addr->sa_len; | |||
238 | iovcnt++; | |||
239 | ||||
240 | switch(addr->sa_family) { | |||
241 | case AF_INET2: | |||
242 | bzero(&mask, sizeof(mask)); | |||
243 | mask4.sin_addr.s_addr = prefixlen2mask(mask ? mask : 32); | |||
244 | mask4.sin_family = AF_INET2; | |||
245 | mask4.sin_len = sizeof(mask4); | |||
246 | ||||
247 | iov[1].iov_base = &mask4; | |||
248 | iov[1].iov_len = sizeof(mask4); | |||
249 | iovcnt++; | |||
250 | break; | |||
251 | case AF_INET624: | |||
252 | bzero(&mask6, sizeof(mask6)); | |||
253 | prefixlen2mask6(mask ? mask : 128, | |||
254 | (uint32_t *)&mask6.sin6_addr.s6_addr__u6_addr.__u6_addr8); | |||
255 | mask6.sin6_family = AF_INET624; | |||
256 | mask6.sin6_len = sizeof(mask6); | |||
257 | iov[1].iov_base = &mask6; | |||
258 | iov[1].iov_len = sizeof(mask6); | |||
259 | iovcnt++; | |||
260 | break; | |||
261 | default: | |||
262 | return -1; | |||
263 | } | |||
264 | ||||
265 | iov[2].iov_base = &ifidx; | |||
266 | iov[2].iov_len = sizeof(ifidx); | |||
267 | iovcnt++; | |||
268 | ||||
269 | return (proc_composev(&env->sc_ps, PROC_PARENT, | |||
270 | add ? IMSG_IF_ADDADDR : IMSG_IF_DELADDR, iov, iovcnt)); | |||
271 | } | |||
272 | ||||
273 | int | |||
274 | vroute_getaddr(struct iked *env, struct imsg *imsg) | |||
275 | { | |||
276 | char ifname[IF_NAMESIZE16]; | |||
277 | struct sockaddr *addr, *mask; | |||
278 | uint8_t *ptr; | |||
279 | size_t left; | |||
280 | int af, add; | |||
281 | unsigned int ifidx; | |||
282 | ||||
283 | ptr = imsg->data; | |||
284 | left = IMSG_DATA_SIZE(imsg)((imsg)->hdr.len - sizeof(struct imsg_hdr)); | |||
285 | ||||
286 | if (left < sizeof(*addr)) | |||
287 | fatalx("bad length imsg received"); | |||
288 | ||||
289 | addr = (struct sockaddr *) ptr; | |||
290 | af = addr->sa_family; | |||
291 | ||||
292 | if (left < addr->sa_len) | |||
293 | fatalx("bad length imsg received"); | |||
294 | ptr += addr->sa_len; | |||
295 | left -= addr->sa_len; | |||
296 | ||||
297 | if (left < sizeof(*mask)) | |||
298 | fatalx("bad length imsg received"); | |||
299 | mask = (struct sockaddr *) ptr; | |||
300 | if (mask->sa_family != af) | |||
301 | return (-1); | |||
302 | ||||
303 | if (left < mask->sa_len) | |||
304 | fatalx("bad length imsg received"); | |||
305 | ptr += mask->sa_len; | |||
306 | left -= mask->sa_len; | |||
307 | ||||
308 | if (left != sizeof(ifidx)) | |||
309 | fatalx("bad length imsg received"); | |||
310 | memcpy(&ifidx, ptr, sizeof(ifidx)); | |||
311 | ptr += sizeof(ifidx); | |||
312 | left -= sizeof(ifidx); | |||
313 | ||||
314 | add = (imsg->hdr.type == IMSG_IF_ADDADDR); | |||
315 | /* Store address for cleanup */ | |||
316 | if (add) | |||
317 | vroute_insertaddr(env, ifidx, addr, mask); | |||
318 | else | |||
319 | vroute_removeaddr(env, ifidx, addr, mask); | |||
320 | ||||
321 | if_indextoname(ifidx, ifname); | |||
322 | return (vroute_doaddr(env, ifname, addr, mask, add)); | |||
323 | } | |||
324 | ||||
325 | int | |||
326 | vroute_setdns(struct iked *env, int add, struct sockaddr *addr, | |||
327 | unsigned int ifidx) | |||
328 | { | |||
329 | struct iovec iov[2]; | |||
330 | ||||
331 | iov[0].iov_base = addr; | |||
332 | iov[0].iov_len = addr->sa_len; | |||
333 | ||||
334 | iov[1].iov_base = &ifidx; | |||
335 | iov[1].iov_len = sizeof(ifidx); | |||
336 | ||||
337 | return (proc_composev(&env->sc_ps, PROC_PARENT, | |||
338 | add ? IMSG_VDNS_ADD: IMSG_VDNS_DEL, iov, 2)); | |||
339 | } | |||
340 | ||||
341 | int | |||
342 | vroute_getdns(struct iked *env, struct imsg *imsg) | |||
343 | { | |||
344 | struct sockaddr *dns; | |||
345 | uint8_t *ptr; | |||
346 | size_t left; | |||
347 | int add; | |||
348 | unsigned int ifidx; | |||
349 | ||||
350 | ptr = imsg->data; | |||
351 | left = IMSG_DATA_SIZE(imsg)((imsg)->hdr.len - sizeof(struct imsg_hdr)); | |||
352 | ||||
353 | if (left < sizeof(*dns)) | |||
354 | fatalx("bad length imsg received"); | |||
355 | ||||
356 | dns = (struct sockaddr *) ptr; | |||
357 | if (left < dns->sa_len) | |||
358 | fatalx("bad length imsg received"); | |||
359 | ptr += dns->sa_len; | |||
360 | left -= dns->sa_len; | |||
361 | ||||
362 | if (left != sizeof(ifidx)) | |||
363 | fatalx("bad length imsg received"); | |||
364 | memcpy(&ifidx, ptr, sizeof(ifidx)); | |||
365 | ptr += sizeof(ifidx); | |||
366 | left -= sizeof(ifidx); | |||
367 | ||||
368 | add = (imsg->hdr.type == IMSG_VDNS_ADD); | |||
369 | if (add) { | |||
370 | vroute_insertdns(env, ifidx, dns); | |||
371 | } else { | |||
372 | vroute_removedns(env, ifidx, dns); | |||
373 | } | |||
374 | ||||
375 | return (vroute_dodns(env, dns, add, ifidx)); | |||
376 | } | |||
377 | ||||
378 | void | |||
379 | vroute_insertroute(struct iked *env, int rdomain, struct sockaddr *dest, | |||
380 | struct sockaddr *mask) | |||
381 | { | |||
382 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
383 | struct vroute_route *route; | |||
384 | ||||
385 | route = calloc(1, sizeof(*route)); | |||
386 | if (route == NULL((void *)0)) | |||
387 | fatalx("%s: calloc.", __func__); | |||
388 | ||||
389 | if (dest != NULL((void *)0)) { | |||
390 | route->vr_flags |= RTA_DST0x1; | |||
391 | memcpy(&route->vr_dest, dest, dest->sa_len); | |||
392 | } | |||
393 | if (mask != NULL((void *)0)) { | |||
394 | route->vr_flags |= RTA_NETMASK0x4; | |||
395 | memcpy(&route->vr_mask, mask, mask->sa_len); | |||
396 | } | |||
397 | route->vr_rdomain = rdomain; | |||
398 | ||||
399 | TAILQ_INSERT_TAIL(&ivr->ivr_routes, route, vr_entry)do { (route)->vr_entry.tqe_next = ((void *)0); (route)-> vr_entry.tqe_prev = (&ivr->ivr_routes)->tqh_last; * (&ivr->ivr_routes)->tqh_last = (route); (&ivr-> ivr_routes)->tqh_last = &(route)->vr_entry.tqe_next ; } while (0); | |||
400 | } | |||
401 | ||||
402 | void | |||
403 | vroute_removeroute(struct iked *env, int rdomain, struct sockaddr *dest, | |||
404 | struct sockaddr *mask) | |||
405 | { | |||
406 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
407 | struct vroute_route *route, *troute; | |||
408 | ||||
409 | TAILQ_FOREACH_SAFE(route, &ivr->ivr_routes, vr_entry, troute)for ((route) = ((&ivr->ivr_routes)->tqh_first); (route ) != ((void *)0) && ((troute) = ((route)->vr_entry .tqe_next), 1); (route) = (troute)) { | |||
410 | if (sockaddr_cmp(dest, (struct sockaddr *)&route->vr_dest, -1)) | |||
411 | continue; | |||
412 | if (mask && !(route->vr_flags & RTA_NETMASK0x4)) | |||
413 | continue; | |||
414 | if (mask && | |||
415 | sockaddr_cmp(mask, (struct sockaddr *)&route->vr_mask, -1)) | |||
416 | continue; | |||
417 | if (rdomain != route->vr_rdomain) | |||
418 | continue; | |||
419 | TAILQ_REMOVE(&ivr->ivr_routes, route, vr_entry)do { if (((route)->vr_entry.tqe_next) != ((void *)0)) (route )->vr_entry.tqe_next->vr_entry.tqe_prev = (route)->vr_entry .tqe_prev; else (&ivr->ivr_routes)->tqh_last = (route )->vr_entry.tqe_prev; *(route)->vr_entry.tqe_prev = (route )->vr_entry.tqe_next; ; ; } while (0); | |||
420 | free(route); | |||
421 | } | |||
422 | } | |||
423 | ||||
424 | void | |||
425 | vroute_insertdns(struct iked *env, int ifidx, struct sockaddr *addr) | |||
426 | { | |||
427 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
428 | struct vroute_dns *dns; | |||
429 | ||||
430 | dns = calloc(1, sizeof(*dns)); | |||
431 | if (dns == NULL((void *)0)) | |||
432 | fatalx("%s: calloc.", __func__); | |||
433 | ||||
434 | memcpy(&dns->vd_addr, addr, addr->sa_len); | |||
435 | dns->vd_ifidx = ifidx; | |||
436 | ||||
437 | TAILQ_INSERT_TAIL(&ivr->ivr_dnss, dns, vd_entry)do { (dns)->vd_entry.tqe_next = ((void *)0); (dns)->vd_entry .tqe_prev = (&ivr->ivr_dnss)->tqh_last; *(&ivr-> ivr_dnss)->tqh_last = (dns); (&ivr->ivr_dnss)->tqh_last = &(dns)->vd_entry.tqe_next; } while (0); | |||
438 | } | |||
439 | ||||
440 | void | |||
441 | vroute_removedns(struct iked *env, int ifidx, struct sockaddr *addr) | |||
442 | { | |||
443 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
444 | struct vroute_dns *dns, *tdns; | |||
445 | ||||
446 | TAILQ_FOREACH_SAFE(dns, &ivr->ivr_dnss, vd_entry, tdns)for ((dns) = ((&ivr->ivr_dnss)->tqh_first); (dns) != ((void *)0) && ((tdns) = ((dns)->vd_entry.tqe_next ), 1); (dns) = (tdns)) { | |||
447 | if (ifidx != dns->vd_ifidx) | |||
448 | continue; | |||
449 | if (sockaddr_cmp(addr, (struct sockaddr *) &dns->vd_addr, -1)) | |||
450 | continue; | |||
451 | ||||
452 | TAILQ_REMOVE(&ivr->ivr_dnss, dns, vd_entry)do { if (((dns)->vd_entry.tqe_next) != ((void *)0)) (dns)-> vd_entry.tqe_next->vd_entry.tqe_prev = (dns)->vd_entry. tqe_prev; else (&ivr->ivr_dnss)->tqh_last = (dns)-> vd_entry.tqe_prev; *(dns)->vd_entry.tqe_prev = (dns)->vd_entry .tqe_next; ; ; } while (0); | |||
453 | free(dns); | |||
454 | } | |||
455 | } | |||
456 | ||||
457 | void | |||
458 | vroute_insertaddr(struct iked *env, int ifidx, struct sockaddr *addr, | |||
459 | struct sockaddr *mask) | |||
460 | { | |||
461 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
462 | struct vroute_addr *vaddr; | |||
463 | ||||
464 | vaddr = calloc(1, sizeof(*vaddr)); | |||
465 | if (vaddr == NULL((void *)0)) | |||
466 | fatalx("%s: calloc.", __func__); | |||
467 | ||||
468 | memcpy(&vaddr->va_addr, addr, addr->sa_len); | |||
469 | memcpy(&vaddr->va_mask, mask, mask->sa_len); | |||
470 | vaddr->va_ifidx = ifidx; | |||
471 | ||||
472 | TAILQ_INSERT_TAIL(&ivr->ivr_addrs, vaddr, va_entry)do { (vaddr)->va_entry.tqe_next = ((void *)0); (vaddr)-> va_entry.tqe_prev = (&ivr->ivr_addrs)->tqh_last; *( &ivr->ivr_addrs)->tqh_last = (vaddr); (&ivr-> ivr_addrs)->tqh_last = &(vaddr)->va_entry.tqe_next; } while (0); | |||
473 | } | |||
474 | ||||
475 | void | |||
476 | vroute_removeaddr(struct iked *env, int ifidx, struct sockaddr *addr, | |||
477 | struct sockaddr *mask) | |||
478 | { | |||
479 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
480 | struct vroute_addr *vaddr, *tvaddr; | |||
481 | ||||
482 | TAILQ_FOREACH_SAFE(vaddr, &ivr->ivr_addrs, va_entry, tvaddr)for ((vaddr) = ((&ivr->ivr_addrs)->tqh_first); (vaddr ) != ((void *)0) && ((tvaddr) = ((vaddr)->va_entry .tqe_next), 1); (vaddr) = (tvaddr)) { | |||
483 | if (sockaddr_cmp(addr, (struct sockaddr *)&vaddr->va_addr, -1)) | |||
484 | continue; | |||
485 | if (sockaddr_cmp(mask, (struct sockaddr *)&vaddr->va_mask, -1)) | |||
486 | continue; | |||
487 | if (ifidx != vaddr->va_ifidx) | |||
488 | continue; | |||
489 | TAILQ_REMOVE(&ivr->ivr_addrs, vaddr, va_entry)do { if (((vaddr)->va_entry.tqe_next) != ((void *)0)) (vaddr )->va_entry.tqe_next->va_entry.tqe_prev = (vaddr)->va_entry .tqe_prev; else (&ivr->ivr_addrs)->tqh_last = (vaddr )->va_entry.tqe_prev; *(vaddr)->va_entry.tqe_prev = (vaddr )->va_entry.tqe_next; ; ; } while (0); | |||
490 | free(vaddr); | |||
491 | } | |||
492 | } | |||
493 | ||||
494 | int | |||
495 | vroute_setaddroute(struct iked *env, uint8_t rdomain, struct sockaddr *dst, | |||
496 | uint8_t mask, struct sockaddr *ifa) | |||
497 | { | |||
498 | return (vroute_setroute(env, rdomain, dst, mask, ifa, | |||
499 | IMSG_VROUTE_ADD)); | |||
500 | } | |||
501 | ||||
502 | int | |||
503 | vroute_setcloneroute(struct iked *env, uint8_t rdomain, struct sockaddr *dst, | |||
504 | uint8_t mask, struct sockaddr *addr) | |||
505 | { | |||
506 | return (vroute_setroute(env, rdomain, dst, mask, addr, | |||
507 | IMSG_VROUTE_CLONE)); | |||
508 | } | |||
509 | ||||
510 | int | |||
511 | vroute_setdelroute(struct iked *env, uint8_t rdomain, struct sockaddr *dst, | |||
512 | uint8_t mask, struct sockaddr *addr) | |||
513 | { | |||
514 | return (vroute_setroute(env, rdomain, dst, mask, addr, | |||
515 | IMSG_VROUTE_DEL)); | |||
516 | } | |||
517 | ||||
518 | int | |||
519 | vroute_setroute(struct iked *env, uint32_t rdomain, struct sockaddr *dst, | |||
520 | uint8_t mask, struct sockaddr *addr, int type) | |||
521 | { | |||
522 | struct sockaddr_storage sa; | |||
523 | struct sockaddr_in *in; | |||
524 | struct sockaddr_in6 *in6; | |||
525 | struct iovec iov[5]; | |||
526 | int iovcnt = 0; | |||
527 | uint8_t af; | |||
528 | ||||
529 | if (addr && dst->sa_family != addr->sa_family) | |||
530 | return (-1); | |||
531 | af = dst->sa_family; | |||
532 | ||||
533 | iov[iovcnt].iov_base = &rdomain; | |||
534 | iov[iovcnt].iov_len = sizeof(rdomain); | |||
535 | iovcnt++; | |||
536 | ||||
537 | iov[iovcnt].iov_base = dst; | |||
538 | iov[iovcnt].iov_len = dst->sa_len; | |||
539 | iovcnt++; | |||
540 | ||||
541 | if (type != IMSG_VROUTE_CLONE && addr) { | |||
542 | bzero(&sa, sizeof(sa)); | |||
543 | switch(af) { | |||
544 | case AF_INET2: | |||
545 | in = (struct sockaddr_in *)&sa; | |||
546 | in->sin_addr.s_addr = prefixlen2mask(mask); | |||
547 | in->sin_family = af; | |||
548 | in->sin_len = sizeof(*in); | |||
549 | iov[iovcnt].iov_base = in; | |||
550 | iov[iovcnt].iov_len = sizeof(*in); | |||
551 | iovcnt++; | |||
552 | break; | |||
553 | case AF_INET624: | |||
554 | in6 = (struct sockaddr_in6 *)&sa; | |||
555 | prefixlen2mask6(mask, | |||
556 | (uint32_t *)in6->sin6_addr.s6_addr__u6_addr.__u6_addr8); | |||
557 | in6->sin6_family = af; | |||
558 | in6->sin6_len = sizeof(*in6); | |||
559 | iov[iovcnt].iov_base = in6; | |||
560 | iov[iovcnt].iov_len = sizeof(*in6); | |||
561 | iovcnt++; | |||
562 | break; | |||
563 | } | |||
564 | ||||
565 | iov[iovcnt].iov_base = addr; | |||
566 | iov[iovcnt].iov_len = addr->sa_len; | |||
567 | iovcnt++; | |||
568 | } | |||
569 | ||||
570 | return (proc_composev(&env->sc_ps, PROC_PARENT, type, iov, iovcnt)); | |||
571 | } | |||
572 | ||||
573 | int | |||
574 | vroute_getroute(struct iked *env, struct imsg *imsg) | |||
575 | { | |||
576 | struct sockaddr *dest, *mask = NULL((void *)0), *gateway = NULL((void *)0); | |||
577 | uint8_t *ptr; | |||
578 | size_t left; | |||
579 | int addrs = 0; | |||
580 | int type, flags; | |||
581 | uint32_t rdomain; | |||
582 | ||||
583 | ptr = (uint8_t *)imsg->data; | |||
584 | left = IMSG_DATA_SIZE(imsg)((imsg)->hdr.len - sizeof(struct imsg_hdr)); | |||
585 | ||||
586 | if (left < sizeof(rdomain)) | |||
587 | return (-1); | |||
588 | rdomain = *ptr; | |||
589 | ptr += sizeof(rdomain); | |||
590 | left -= sizeof(rdomain); | |||
591 | ||||
592 | if (left < sizeof(struct sockaddr)) | |||
593 | return (-1); | |||
594 | dest = (struct sockaddr *)ptr; | |||
595 | if (left < dest->sa_len) | |||
596 | return (-1); | |||
597 | socket_setport(dest, 0); | |||
598 | ptr += dest->sa_len; | |||
599 | left -= dest->sa_len; | |||
600 | addrs |= RTA_DST0x1; | |||
601 | ||||
602 | flags = RTF_UP0x1 | RTF_GATEWAY0x2 | RTF_STATIC0x800; | |||
603 | if (left != 0) { | |||
604 | if (left < sizeof(struct sockaddr)) | |||
605 | return (-1); | |||
606 | mask = (struct sockaddr *)ptr; | |||
607 | if (left < mask->sa_len) | |||
608 | return (-1); | |||
609 | socket_setport(mask, 0); | |||
610 | ptr += mask->sa_len; | |||
611 | left -= mask->sa_len; | |||
612 | addrs |= RTA_NETMASK0x4; | |||
613 | ||||
614 | if (left < sizeof(struct sockaddr)) | |||
615 | return (-1); | |||
616 | gateway = (struct sockaddr *)ptr; | |||
617 | if (left < gateway->sa_len) | |||
618 | return (-1); | |||
619 | socket_setport(gateway, 0); | |||
620 | ptr += gateway->sa_len; | |||
621 | left -= gateway->sa_len; | |||
622 | addrs |= RTA_GATEWAY0x2; | |||
623 | } else { | |||
624 | flags |= RTF_HOST0x4; | |||
625 | } | |||
626 | ||||
627 | switch(imsg->hdr.type) { | |||
628 | case IMSG_VROUTE_ADD: | |||
629 | type = RTM_ADD0x1; | |||
630 | break; | |||
631 | case IMSG_VROUTE_DEL: | |||
632 | type = RTM_DELETE0x2; | |||
633 | break; | |||
634 | } | |||
635 | ||||
636 | if (type == RTM_ADD0x1) | |||
637 | vroute_insertroute(env, rdomain, dest, mask); | |||
638 | else | |||
639 | vroute_removeroute(env, rdomain, dest, mask); | |||
640 | return (vroute_doroute(env, flags, addrs, rdomain, type, | |||
641 | dest, mask, gateway, NULL((void *)0))); | |||
642 | } | |||
643 | ||||
644 | int | |||
645 | vroute_getcloneroute(struct iked *env, struct imsg *imsg) | |||
646 | { | |||
647 | struct sockaddr *dst; | |||
648 | struct sockaddr_storage dest; | |||
649 | struct sockaddr_storage mask; | |||
650 | struct sockaddr_storage addr; | |||
651 | uint8_t *ptr; | |||
652 | size_t left; | |||
653 | uint32_t rdomain; | |||
654 | int flags; | |||
655 | int addrs; | |||
656 | int need_gw; | |||
657 | ||||
658 | ptr = (uint8_t *)imsg->data; | |||
659 | left = IMSG_DATA_SIZE(imsg)((imsg)->hdr.len - sizeof(struct imsg_hdr)); | |||
660 | ||||
661 | if (left < sizeof(rdomain)) | |||
662 | return (-1); | |||
663 | rdomain = *ptr; | |||
664 | ptr += sizeof(rdomain); | |||
665 | left -= sizeof(rdomain); | |||
666 | ||||
667 | bzero(&dest, sizeof(dest)); | |||
668 | bzero(&mask, sizeof(mask)); | |||
669 | bzero(&addr, sizeof(addr)); | |||
670 | ||||
671 | if (left < sizeof(struct sockaddr)) | |||
672 | return (-1); | |||
673 | dst = (struct sockaddr *)ptr; | |||
674 | if (left < dst->sa_len) | |||
675 | return (-1); | |||
676 | memcpy(&dest, dst, dst->sa_len); | |||
677 | ptr += dst->sa_len; | |||
678 | left -= dst->sa_len; | |||
679 | ||||
680 | /* Get route to peer */ | |||
681 | flags = RTF_UP0x1 | RTF_HOST0x4 | RTF_STATIC0x800; | |||
682 | if (vroute_doroute(env, flags, RTA_DST0x1, rdomain, RTM_GET0x4, | |||
683 | (struct sockaddr *)&dest, (struct sockaddr *)&mask, | |||
684 | (struct sockaddr *)&addr, &need_gw)) | |||
685 | return (-1); | |||
686 | ||||
687 | if (need_gw) | |||
688 | flags |= RTF_GATEWAY0x2; | |||
689 | ||||
690 | memcpy(&dest, dst, dst->sa_len); | |||
691 | socket_setport((struct sockaddr *)&dest, 0); | |||
692 | vroute_insertroute(env, rdomain, (struct sockaddr *)&dest, NULL((void *)0)); | |||
693 | ||||
694 | /* Set explicit route to peer with gateway addr*/ | |||
695 | addrs = RTA_DST0x1 | RTA_GATEWAY0x2 | RTA_NETMASK0x4; | |||
696 | return (vroute_doroute(env, flags, addrs, rdomain, RTM_ADD0x1, | |||
697 | (struct sockaddr *)&dest, (struct sockaddr *)&mask, | |||
698 | (struct sockaddr *)&addr, NULL((void *)0))); | |||
699 | } | |||
700 | ||||
701 | int | |||
702 | vroute_dodns(struct iked *env, struct sockaddr *dns, int add, | |||
703 | unsigned int ifidx) | |||
704 | { | |||
705 | struct vroute_msg m_rtmsg; | |||
706 | struct sockaddr_in *in; | |||
707 | struct sockaddr_in6 *in6; | |||
708 | struct sockaddr_rtdns rtdns; | |||
709 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
710 | struct iovec iov[3]; | |||
711 | int i; | |||
712 | long pad = 0; | |||
713 | int iovcnt = 0, padlen; | |||
714 | ||||
715 | bzero(&m_rtmsg, sizeof(m_rtmsg)); | |||
716 | #define rtm m_rtmsg.vm_rtm | |||
717 | rtm.rtm_version = RTM_VERSION5; | |||
718 | rtm.rtm_type = RTM_PROPOSAL0x13; | |||
719 | rtm.rtm_seq = ++ivr->ivr_rtseq; | |||
720 | rtm.rtm_priority = RTP_PROPOSAL_STATIC57; | |||
721 | rtm.rtm_flags = RTF_UP0x1; | |||
722 | rtm.rtm_addrs = RTA_DNS0x1000; | |||
723 | rtm.rtm_index = ifidx; | |||
724 | ||||
725 | iov[iovcnt].iov_base = &rtm; | |||
726 | iov[iovcnt].iov_len = sizeof(rtm); | |||
727 | iovcnt++; | |||
728 | ||||
729 | bzero(&rtdns, sizeof(rtdns)); | |||
730 | rtdns.sr_family = dns->sa_family; | |||
731 | rtdns.sr_len = 2; | |||
732 | if (add) { | |||
733 | switch(dns->sa_family) { | |||
734 | case AF_INET2: | |||
735 | rtdns.sr_family = AF_INET2; | |||
736 | rtdns.sr_len += sizeof(struct in_addr); | |||
737 | in = (struct sockaddr_in *)dns; | |||
738 | memcpy(rtdns.sr_dns, &in->sin_addr, sizeof(struct in_addr)); | |||
739 | break; | |||
740 | case AF_INET624: | |||
741 | rtdns.sr_family = AF_INET624; | |||
742 | rtdns.sr_len += sizeof(struct in6_addr); | |||
743 | in6 = (struct sockaddr_in6 *)dns; | |||
744 | memcpy(rtdns.sr_dns, &in6->sin6_addr, sizeof(struct in6_addr)); | |||
745 | break; | |||
746 | default: | |||
747 | return (-1); | |||
748 | } | |||
749 | } | |||
750 | iov[iovcnt].iov_base = &rtdns; | |||
751 | iov[iovcnt++].iov_len = sizeof(rtdns); | |||
752 | padlen = ROUNDUP(sizeof(rtdns))(sizeof(rtdns)>0 ? (1 + (((sizeof(rtdns)) - 1) | (sizeof(long ) - 1))) : sizeof(long)) - sizeof(rtdns); | |||
753 | if (padlen > 0) { | |||
754 | iov[iovcnt].iov_base = &pad; | |||
755 | iov[iovcnt++].iov_len = padlen; | |||
756 | } | |||
757 | ||||
758 | for (i = 0; i < iovcnt; i++) | |||
759 | rtm.rtm_msglen += iov[i].iov_len; | |||
760 | #undef rtm | |||
761 | ||||
762 | if (writev(ivr->ivr_rtsock, iov, iovcnt) == -1) | |||
763 | log_warn("failed to send route message"); | |||
764 | ||||
765 | return (0); | |||
766 | } | |||
767 | ||||
768 | int | |||
769 | vroute_doroute(struct iked *env, int flags, int addrs, int rdomain, uint8_t type, | |||
770 | struct sockaddr *dest, struct sockaddr *mask, struct sockaddr *addr, int *need_gw) | |||
771 | { | |||
772 | struct vroute_msg m_rtmsg; | |||
773 | struct iovec iov[7]; | |||
774 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
775 | ssize_t len; | |||
776 | int iovcnt = 0; | |||
777 | int i; | |||
778 | long pad = 0; | |||
779 | size_t padlen; | |||
780 | ||||
781 | bzero(&m_rtmsg, sizeof(m_rtmsg)); | |||
782 | #define rtm m_rtmsg.vm_rtm | |||
783 | rtm.rtm_version = RTM_VERSION5; | |||
784 | rtm.rtm_tableid = rdomain; | |||
785 | rtm.rtm_type = type; | |||
786 | rtm.rtm_seq = ++ivr->ivr_rtseq; | |||
787 | if (type != RTM_GET0x4) | |||
788 | rtm.rtm_priority = IKED_VROUTE_PRIO6; | |||
789 | rtm.rtm_flags = flags; | |||
790 | rtm.rtm_addrs = addrs; | |||
791 | ||||
792 | iov[iovcnt].iov_base = &rtm; | |||
793 | iov[iovcnt].iov_len = sizeof(rtm); | |||
794 | iovcnt++; | |||
795 | ||||
796 | if (rtm.rtm_addrs & RTA_DST0x1) { | |||
797 | iov[iovcnt].iov_base = dest; | |||
798 | iov[iovcnt].iov_len = dest->sa_len; | |||
799 | iovcnt++; | |||
800 | padlen = ROUNDUP(dest->sa_len)(dest->sa_len>0 ? (1 + (((dest->sa_len) - 1) | (sizeof (long) - 1))) : sizeof(long)) - dest->sa_len; | |||
801 | if (padlen > 0) { | |||
802 | iov[iovcnt].iov_base = &pad; | |||
803 | iov[iovcnt].iov_len = padlen; | |||
804 | iovcnt++; | |||
805 | } | |||
806 | } | |||
807 | ||||
808 | if (rtm.rtm_addrs & RTA_GATEWAY0x2) { | |||
809 | iov[iovcnt].iov_base = addr; | |||
810 | iov[iovcnt].iov_len = addr->sa_len; | |||
811 | iovcnt++; | |||
812 | padlen = ROUNDUP(addr->sa_len)(addr->sa_len>0 ? (1 + (((addr->sa_len) - 1) | (sizeof (long) - 1))) : sizeof(long)) - addr->sa_len; | |||
813 | if (padlen > 0) { | |||
814 | iov[iovcnt].iov_base = &pad; | |||
815 | iov[iovcnt].iov_len = padlen; | |||
816 | iovcnt++; | |||
817 | } | |||
818 | } | |||
819 | ||||
820 | if (rtm.rtm_addrs & RTA_NETMASK0x4) { | |||
821 | iov[iovcnt].iov_base = mask; | |||
822 | iov[iovcnt].iov_len = mask->sa_len; | |||
823 | iovcnt++; | |||
824 | padlen = ROUNDUP(mask->sa_len)(mask->sa_len>0 ? (1 + (((mask->sa_len) - 1) | (sizeof (long) - 1))) : sizeof(long)) - mask->sa_len; | |||
825 | if (padlen > 0) { | |||
826 | iov[iovcnt].iov_base = &pad; | |||
827 | iov[iovcnt].iov_len = padlen; | |||
828 | iovcnt++; | |||
829 | } | |||
830 | } | |||
831 | ||||
832 | for (i = 0; i < iovcnt; i++) | |||
833 | rtm.rtm_msglen += iov[i].iov_len; | |||
834 | ||||
835 | log_debug("%s: len: %u type: %s rdomain: %d flags %x (%s%s)" | |||
836 | " addrs %x (dst %s mask %s gw %s)", __func__, rtm.rtm_msglen, | |||
837 | type == RTM_ADD0x1 ? "RTM_ADD" : type == RTM_DELETE0x2 ? "RTM_DELETE" : | |||
838 | type == RTM_GET0x4 ? "RTM_GET" : "unknown", rdomain, | |||
839 | flags, | |||
840 | flags & RTF_HOST0x4 ? "H" : "", | |||
841 | flags & RTF_GATEWAY0x2 ? "G" : "", | |||
842 | addrs, | |||
843 | addrs & RTA_DST0x1 ? print_addr(dest) : "<>", | |||
844 | addrs & RTA_NETMASK0x4 ? print_addr(mask) : "<>", | |||
845 | addrs & RTA_GATEWAY0x2 ? print_addr(addr) : "<>"); | |||
846 | ||||
847 | if (writev(ivr->ivr_rtsock, iov, iovcnt) == -1) { | |||
848 | if ((type == RTM_ADD0x1 && errno(*__errno()) != EEXIST17) || | |||
849 | (type == RTM_DELETE0x2 && errno(*__errno()) != ESRCH3)) { | |||
850 | log_warn("%s: write %d", __func__, rtm.rtm_errno); | |||
851 | return (0); | |||
852 | } | |||
853 | } | |||
854 | ||||
855 | if (type == RTM_GET0x4) { | |||
856 | do { | |||
857 | len = read(ivr->ivr_rtsock, &m_rtmsg, sizeof(m_rtmsg)); | |||
858 | } while(len > 0 && (rtm.rtm_version != RTM_VERSION5 || | |||
859 | rtm.rtm_seq != ivr->ivr_rtseq || rtm.rtm_pid != ivr->ivr_pid)); | |||
860 | return (vroute_process(env, len, &m_rtmsg, dest, mask, addr, need_gw)); | |||
861 | } | |||
862 | #undef rtm | |||
863 | ||||
864 | return (0); | |||
865 | } | |||
866 | ||||
867 | int | |||
868 | vroute_process(struct iked *env, int msglen, struct vroute_msg *m_rtmsg, | |||
869 | struct sockaddr *dest, struct sockaddr *mask, struct sockaddr *addr, int *need_gw) | |||
870 | { | |||
871 | struct sockaddr *sa; | |||
872 | char *cp; | |||
873 | int i; | |||
874 | ||||
875 | #define rtm m_rtmsg->vm_rtm | |||
876 | if (rtm.rtm_version != RTM_VERSION5) { | |||
877 | warnx("routing message version %u not understood", | |||
878 | rtm.rtm_version); | |||
879 | return (-1); | |||
880 | } | |||
881 | if (rtm.rtm_msglen > msglen) { | |||
882 | warnx("message length mismatch, in packet %u, returned %d", | |||
883 | rtm.rtm_msglen, msglen); | |||
884 | return (-1); | |||
885 | } | |||
886 | if (rtm.rtm_errno) { | |||
887 | warnx("RTM_GET: %s (errno %d)", | |||
888 | strerror(rtm.rtm_errno), rtm.rtm_errno); | |||
889 | return (-1); | |||
890 | } | |||
891 | cp = m_rtmsg->vm_space; | |||
892 | *need_gw = rtm.rtm_flags & RTF_GATEWAY0x2; | |||
893 | if(rtm.rtm_addrs) { | |||
894 | for (i = 1; i; i <<= 1) { | |||
895 | if (i & rtm.rtm_addrs) { | |||
896 | sa = (struct sockaddr *)cp; | |||
897 | switch(i) { | |||
898 | case RTA_DST0x1: | |||
899 | memcpy(dest, cp, sa->sa_len); | |||
900 | break; | |||
901 | case RTA_NETMASK0x4: | |||
902 | memcpy(mask, cp, sa->sa_len); | |||
903 | break; | |||
904 | case RTA_GATEWAY0x2: | |||
905 | memcpy(addr, cp, sa->sa_len); | |||
906 | break; | |||
907 | } | |||
908 | cp += ROUNDUP(sa->sa_len)(sa->sa_len>0 ? (1 + (((sa->sa_len) - 1) | (sizeof(long ) - 1))) : sizeof(long)); | |||
909 | } | |||
910 | } | |||
911 | } | |||
912 | #undef rtm | |||
913 | return (0); | |||
914 | } | |||
915 | ||||
916 | int | |||
917 | vroute_doaddr(struct iked *env, char *ifname, struct sockaddr *addr, | |||
918 | struct sockaddr *mask, int add) | |||
919 | { | |||
920 | struct iked_vroute_sc *ivr = env->sc_vroute; | |||
921 | struct ifaliasreq req; | |||
922 | struct in6_aliasreq req6; | |||
923 | unsigned long ioreq; | |||
924 | int af; | |||
925 | ||||
926 | af = addr->sa_family; | |||
927 | switch (af) { | |||
928 | case AF_INET2: | |||
929 | bzero(&req, sizeof(req)); | |||
930 | strncpy(req.ifra_name, ifname, sizeof(req.ifra_name)); | |||
931 | memcpy(&req.ifra_addrifra_ifrau.ifrau_addr, addr, sizeof(req.ifra_addrifra_ifrau.ifrau_addr)); | |||
932 | if (add) | |||
933 | memcpy(&req.ifra_mask, mask, sizeof(req.ifra_addrifra_ifrau.ifrau_addr)); | |||
934 | ||||
935 | log_debug("%s: %s inet %s netmask %s", __func__, | |||
936 | add ? "add" : "del", print_addr(addr), print_addr(mask)); | |||
937 | ||||
938 | ioreq = add ? SIOCAIFADDR((unsigned long)0x80000000 | ((sizeof(struct ifaliasreq) & 0x1fff) << 16) | ((('i')) << 8) | ((26))) : SIOCDIFADDR((unsigned long)0x80000000 | ((sizeof(struct ifreq) & 0x1fff ) << 16) | ((('i')) << 8) | ((25))); | |||
939 | if (ioctl(ivr->ivr_iosock, ioreq, &req) == -1) { | |||
940 | log_warn("%s: req: %lu", __func__, ioreq); | |||
941 | return (-1); | |||
942 | } | |||
943 | break; | |||
944 | case AF_INET624: | |||
945 | bzero(&req6, sizeof(req6)); | |||
946 | strncpy(req6.ifra_name, ifname, sizeof(req6.ifra_name)); | |||
947 | req6.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME0xffffffff; | |||
948 | req6.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME0xffffffff; | |||
949 | ||||
950 | memcpy(&req6.ifra_addrifra_ifrau.ifrau_addr, addr, sizeof(req6.ifra_addrifra_ifrau.ifrau_addr)); | |||
951 | if (add) | |||
952 | memcpy(&req6.ifra_prefixmask, mask, | |||
953 | sizeof(req6.ifra_prefixmask)); | |||
954 | ||||
955 | log_debug("%s: %s inet6 %s netmask %s", __func__, | |||
956 | add ? "add" : "del", print_addr(addr), print_addr(mask)); | |||
957 | ||||
958 | ioreq = add ? SIOCAIFADDR_IN6((unsigned long)0x80000000 | ((sizeof(struct in6_aliasreq) & 0x1fff) << 16) | ((('i')) << 8) | ((26))) : SIOCDIFADDR_IN6((unsigned long)0x80000000 | ((sizeof(struct in6_ifreq) & 0x1fff) << 16) | ((('i')) << 8) | ((25))); | |||
959 | if (ioctl(ivr->ivr_iosock6, ioreq, &req6) == -1) { | |||
960 | log_warn("%s: req: %lu", __func__, ioreq); | |||
961 | return (-1); | |||
962 | } | |||
963 | break; | |||
964 | default: | |||
965 | return (-1); | |||
966 | } | |||
967 | ||||
968 | return (0); | |||
969 | } |