blob: 1de938a5d583befb9464a9dbe2346dea98258831 [file] [log] [blame]
/*
* Copyright (c) 1982, 1986, 1988, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)udp_usrreq.c 8.4 (Berkeley) 1/21/94
* udp_usrreq.c,v 1.4 1994/10/02 17:48:45 phk Exp
*/
/*
* Changes and additions relating to SLiRP
* Copyright (c) 1995 Danny Gasparovski.
*
* Please read the file COPYRIGHT for the
* terms and conditions of the copyright.
*/
#include <slirp.h>
#include "ip_icmp.h"
#define SLIRP_COMPILATION 1
#include "sockets.h"
#ifdef LOG_ENABLED
struct udpstat udpstat;
#endif
/* Keeps track of the number of DNS requests. Used to implement the firewall
* option that restricts the number of DNS requests (-max_dns_conns). */
u_int dns_num_conns;
struct socket udb;
static u_int8_t udp_tos(struct socket *so);
static void udp_emu(struct socket *so, struct mbuf *m);
/*
* UDP protocol implementation.
* Per RFC 768, August, 1980.
*/
#ifndef COMPAT_42
#define UDPCKSUM 1
#else
#define UDPCKSUM 0 /* XXX */
#endif
struct socket *udp_last_so = &udb;
void
udp_init(void)
{
udb.so_next = udb.so_prev = &udb;
dns_num_conns = 0;
}
/* m->m_data points at ip packet header
* m->m_len length ip packet
* ip->ip_len length data (IPDU)
*/
void
udp_input(register struct mbuf *m, int iphlen)
{
register struct ip *ip;
register struct udphdr *uh;
/* struct mbuf *opts = 0;*/
int len;
struct ip save_ip;
struct socket *so;
DEBUG_CALL("udp_input");
DEBUG_ARG("m = %lx", (long)m);
DEBUG_ARG("iphlen = %d", iphlen);
STAT(udpstat.udps_ipackets++);
/*
* Strip IP options, if any; should skip this,
* make available to user, and use on returned packets,
* but we don't yet have a way to check the checksum
* with options still present.
*/
if(iphlen > sizeof(struct ip)) {
ip_stripoptions(m, (struct mbuf *)0);
iphlen = sizeof(struct ip);
}
/*
* Get IP and UDP header together in first mbuf.
*/
ip = mtod(m, struct ip *);
uh = (struct udphdr *)((caddr_t)ip + iphlen);
/*
* Make mbuf data length reflect UDP length.
* If not enough data to reflect UDP length, drop.
*/
len = ntohs((u_int16_t)uh->uh_ulen);
if (ip->ip_len != len) {
if (len > ip->ip_len) {
STAT(udpstat.udps_badlen++);
goto bad;
}
m_adj(m, len - ip->ip_len);
ip->ip_len = len;
}
/* ------------------------------------------------------*/
/* User mode network stack restrictions */
/* slirp_should_drop requires host byte ordering in arguments */
time_t timestamp = time(NULL);
if (slirp_should_drop(ntohl(ip->ip_dst.addr), ntohs(uh->uh_dport.port),
IPPROTO_UDP)) {
slirp_drop_log(
"Dropped UDP: src: 0x%08lx:0x%04x dst: 0x%08lx:0x%04x %ld\n",
ntohl(ip->ip_src.addr),
ntohs(uh->uh_sport.port),
ntohl(ip->ip_dst.addr),
ntohs(uh->uh_dport.port),
timestamp
);
goto bad; /* drop the packet */
}
else {
slirp_drop_log(
"Allowed UDP: src: 0x%08lx:0x%04x dst: 0x%08lx:0x%04x %ld\n",
ntohl(ip->ip_src.addr),
ntohs(uh->uh_sport.port),
ntohl(ip->ip_dst.addr),
ntohs(uh->uh_dport.port),
timestamp
);
}
/* ------------------------------------------------------*/
/*
* Save a copy of the IP header in case we want restore it
* for sending an ICMP error message in response.
*/
save_ip = *ip;
save_ip.ip_len+= iphlen; /* tcp_input subtracts this */
/*
* Checksum extended UDP header and data.
*/
if (UDPCKSUM && uh->uh_sum) {
memset(&((struct ipovly *)ip)->ih_mbuf, 0, sizeof(struct mbuf_ptr));
((struct ipovly *)ip)->ih_x1 = 0;
((struct ipovly *)ip)->ih_len = uh->uh_ulen;
/* keep uh_sum for ICMP reply
* uh->uh_sum = cksum(m, len + sizeof (struct ip));
* if (uh->uh_sum) {
*/
if(cksum(m, len + sizeof(struct ip))) {
STAT(udpstat.udps_badsum++);
goto bad;
}
}
/*
* handle DHCP/BOOTP
*/
if (port_geth(uh->uh_dport) == BOOTP_SERVER) {
bootp_input(m);
goto bad;
}
if (slirp_restrict)
goto bad;
/*
* handle TFTP
*/
if (port_geth(uh->uh_dport) == TFTP_SERVER) {
tftp_input(m);
goto bad;
}
// DNS logging and FW rules
if (ntohs(uh->uh_dport.port) == 53) {
if (!slirp_dump_dns(m)) {
DEBUG_MISC((dfd,"Error logging DNS packet"));
}
dns_num_conns++;
if (slirp_get_max_dns_conns() != -1 &&
dns_num_conns > slirp_get_max_dns_conns())
goto bad;
}
/*
* Locate pcb for datagram.
*/
so = udp_last_so;
if (so->so_laddr_port != port_geth(uh->uh_sport) ||
so->so_laddr_ip != ip_geth(ip->ip_src)) {
struct socket *tmp;
for (tmp = udb.so_next; tmp != &udb; tmp = tmp->so_next) {
if (tmp->so_laddr_port == port_geth(uh->uh_sport) &&
tmp->so_laddr_ip == ip_geth(ip->ip_src)) {
tmp->so_faddr_ip = ip_geth(ip->ip_dst);
tmp->so_faddr_port = port_geth(uh->uh_dport);
so = tmp;
break;
}
}
if (tmp == &udb) {
so = NULL;
} else {
STAT(udpstat.udpps_pcbcachemiss++);
udp_last_so = so;
}
}
if (so == NULL) {
/*
* If there's no socket for this packet,
* create one
*/
if ((so = socreate()) == NULL) goto bad;
if(udp_attach(so) == -1) {
DEBUG_MISC((dfd," udp_attach errno = %d-%s\n",
errno,errno_str));
sofree(so);
goto bad;
}
/*
* Setup fields
*/
/* udp_last_so = so; */
so->so_laddr_ip = ip_geth(ip->ip_src);
so->so_laddr_port = port_geth(uh->uh_sport);
if ((so->so_iptos = udp_tos(so)) == 0)
so->so_iptos = ip->ip_tos;
/*
* XXXXX Here, check if it's in udpexec_list,
* and if it is, do the fork_exec() etc.
*/
}
so->so_faddr_ip = ip_geth(ip->ip_dst); /* XXX */
so->so_faddr_port = port_geth(uh->uh_dport); /* XXX */
iphlen += sizeof(struct udphdr);
m->m_len -= iphlen;
m->m_data += iphlen;
/*
* Now we sendto() the packet.
*/
if (so->so_emu)
udp_emu(so, m);
if(sosendto(so,m) == -1) {
m->m_len += iphlen;
m->m_data -= iphlen;
*ip=save_ip;
DEBUG_MISC((dfd,"udp tx errno = %d-%s\n",errno, errno_str));
icmp_error(m, ICMP_UNREACH,ICMP_UNREACH_NET, 0,errno_str);
}
m_free(so->so_m); /* used for ICMP if error on sorecvfrom */
/* restore the orig mbuf packet */
m->m_len += iphlen;
m->m_data -= iphlen;
*ip=save_ip;
so->so_m=m; /* ICMP backup */
return;
bad:
m_freem(m);
/* if (opts) m_freem(opts); */
return;
}
int udp_output2_(struct socket *so, struct mbuf *m,
const SockAddress* saddr,
const SockAddress* daddr,
int iptos)
{
register struct udpiphdr *ui;
uint32_t saddr_ip = sock_address_get_ip(saddr);
uint32_t daddr_ip = sock_address_get_ip(daddr);
int saddr_port = sock_address_get_port(saddr);
int daddr_port = sock_address_get_port(daddr);
int error = 0;
DEBUG_CALL("udp_output");
DEBUG_ARG("so = %lx", (long)so);
DEBUG_ARG("m = %lx", (long)m);
DEBUG_ARG("saddr = %lx", (long) saddr_ip);
DEBUG_ARG("daddr = %lx", (long) daddr_ip);
/*
* Adjust for header
*/
m->m_data -= sizeof(struct udpiphdr);
m->m_len += sizeof(struct udpiphdr);
/*
* Fill in mbuf with extended UDP header
* and addresses and length put into network format.
*/
ui = mtod(m, struct udpiphdr *);
memset(&ui->ui_i.ih_mbuf, 0 , sizeof(struct mbuf_ptr));
ui->ui_x1 = 0;
ui->ui_pr = IPPROTO_UDP;
ui->ui_len = htons(m->m_len - sizeof(struct ip)); /* + sizeof (struct udphdr)); */
/* XXXXX Check for from-one-location sockets, or from-any-location sockets */
ui->ui_src = ip_seth(saddr_ip);
ui->ui_dst = ip_seth(daddr_ip);
ui->ui_sport = port_seth(saddr_port);
ui->ui_dport = port_seth(daddr_port);
ui->ui_ulen = ui->ui_len;
/*
* Stuff checksum and output datagram.
*/
ui->ui_sum = 0;
if (UDPCKSUM) {
if ((ui->ui_sum = cksum(m, /* sizeof (struct udpiphdr) + */ m->m_len)) == 0)
ui->ui_sum = 0xffff;
}
((struct ip *)ui)->ip_len = m->m_len;
((struct ip *)ui)->ip_ttl = IPDEFTTL;
((struct ip *)ui)->ip_tos = iptos;
STAT(udpstat.udps_opackets++);
// DNS logging
if (so != NULL && so->so_faddr_port == 53) { /*so has host byte order */
if (!slirp_dump_dns(m)) {
DEBUG_MISC((dfd,"Error logging DNS packet"));
}
}
error = ip_output(so, m);
return (error);
}
int udp_output_(struct socket *so, struct mbuf *m,
SockAddress* from)
{
SockAddress saddr, daddr;
uint32_t saddr_ip;
uint16_t saddr_port;
saddr_ip = sock_address_get_ip(from);
saddr_port = sock_address_get_port(from);
if ((so->so_faddr_ip & 0xffffff00) == special_addr_ip) {
saddr_ip = so->so_faddr_ip;
if ((so->so_faddr_ip & 0x000000ff) == 0xff)
saddr_ip = alias_addr_ip;
}
sock_address_init_inet( &saddr, saddr_ip, saddr_port );
sock_address_init_inet( &daddr, so->so_laddr_ip, so->so_laddr_port );
return udp_output2_(so, m, &saddr, &daddr, so->so_iptos);
}
int
udp_attach(struct socket *so)
{
so->s = socket_anyaddr_server( 0, SOCKET_DGRAM );
if (so->s != -1) {
/* success, insert in queue */
so->so_expire = curtime + SO_EXPIRE;
insque(so,&udb);
}
return(so->s);
}
void
udp_detach(struct socket *so)
{
socket_close(so->s);
/* if (so->so_m) m_free(so->so_m); done by sofree */
sofree(so);
}
static const struct tos_t udptos[] = {
{0, 53, IPTOS_LOWDELAY, 0}, /* DNS */
{517, 517, IPTOS_LOWDELAY, EMU_TALK}, /* talk */
{518, 518, IPTOS_LOWDELAY, EMU_NTALK}, /* ntalk */
{0, 7648, IPTOS_LOWDELAY, EMU_CUSEEME}, /* Cu-Seeme */
{0, 0, 0, 0}
};
static u_int8_t
udp_tos(struct socket *so)
{
int i = 0;
while(udptos[i].tos) {
if ((udptos[i].fport && so->so_faddr_port == udptos[i].fport) ||
(udptos[i].lport && so->so_laddr_port == udptos[i].lport)) {
so->so_emu = udptos[i].emu;
return udptos[i].tos;
}
i++;
}
return 0;
}
/*
* Here, talk/ytalk/ntalk requests must be emulated
*/
static void
udp_emu(struct socket *so, struct mbuf *m)
{
SockAddress sockaddr;
struct cu_header {
uint16_t d_family; // destination family
uint16_t d_port; // destination port
uint32_t d_addr; // destination address
uint16_t s_family; // source family
uint16_t s_port; // source port
uint32_t so_addr; // source address
uint32_t seqn; // sequence number
uint16_t message; // message
uint16_t data_type; // data type
uint16_t pkt_len; // packet length
} *cu_head;
switch(so->so_emu) {
case EMU_CUSEEME:
/*
* Cu-SeeMe emulation.
* Hopefully the packet is more that 16 bytes long. We don't
* do any other tests, just replace the address and port
* fields.
*/
if (m->m_len >= sizeof (*cu_head)) {
if (socket_get_address(so->s, &sockaddr) < 0)
return;
cu_head = mtod(m, struct cu_header *);
cu_head->s_port = htons( sock_address_get_port(&sockaddr));
cu_head->so_addr = htonl( sock_address_get_ip(&sockaddr));
}
return;
}
}
struct socket *
udp_listen(u_int port, u_int32_t laddr, u_int lport, int flags)
{
struct socket *so;
SockAddress addr;
uint32_t addr_ip;
if ((so = socreate()) == NULL) {
free(so);
return NULL;
}
so->s = socket_anyaddr_server( port, SOCKET_DGRAM );
so->so_expire = curtime + SO_EXPIRE;
so->so_haddr_port = port;
insque(so,&udb);
if (so->s < 0) {
udp_detach(so);
return NULL;
}
socket_get_address(so->s, &addr);
so->so_faddr_port = sock_address_get_port(&addr);
addr_ip = sock_address_get_ip(&addr);
if (addr_ip == 0 || addr_ip == loopback_addr_ip)
so->so_faddr_ip = alias_addr_ip;
else
so->so_faddr_ip = addr_ip;
so->so_laddr_port = lport;
so->so_laddr_ip = laddr;
if (flags != SS_FACCEPTONCE)
so->so_expire = 0;
so->so_state = SS_ISFCONNECTED;
return so;
}
int udp_unlisten (u_int port)
{
return slirp_unredir(1, port);
}