]>
Commit | Line | Data |
---|---|---|
f0cbd3ec FB |
1 | /* |
2 | * Copyright (c) 1982, 1986, 1988, 1993 | |
3 | * The Regents of the University of California. All rights reserved. | |
4 | * | |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions | |
7 | * are met: | |
8 | * 1. Redistributions of source code must retain the above copyright | |
9 | * notice, this list of conditions and the following disclaimer. | |
10 | * 2. Redistributions in binary form must reproduce the above copyright | |
11 | * notice, this list of conditions and the following disclaimer in the | |
12 | * documentation and/or other materials provided with the distribution. | |
2f5f8996 | 13 | * 3. Neither the name of the University nor the names of its contributors |
f0cbd3ec FB |
14 | * may be used to endorse or promote products derived from this software |
15 | * without specific prior written permission. | |
16 | * | |
17 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |
18 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
20 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
23 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
24 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
25 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
26 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
27 | * SUCH DAMAGE. | |
28 | * | |
29 | * @(#)ip_icmp.c 8.2 (Berkeley) 1/4/94 | |
30 | * ip_icmp.c,v 1.7 1995/05/30 08:09:42 rgrimes Exp | |
31 | */ | |
32 | ||
33 | #include "slirp.h" | |
34 | #include "ip_icmp.h" | |
35 | ||
d0ea546c MAL |
36 | #ifndef WITH_ICMP_ERROR_MSG |
37 | #define WITH_ICMP_ERROR_MSG 0 | |
38 | #endif | |
39 | ||
f0cbd3ec | 40 | /* The message sent when emulating PING */ |
7878ff6b | 41 | /* Be nice and tell them it's just a pseudo-ping packet */ |
7ca699c8 | 42 | static const char icmp_ping_msg[] = "This is a pseudo-PING packet used by Slirp to emulate ICMP ECHO-REQUEST packets.\n"; |
f0cbd3ec | 43 | |
de40abfe | 44 | /* list of actions for icmp_send_error() on RX of an icmp message */ |
9634d903 | 45 | static const int icmp_flush[19] = { |
f0cbd3ec FB |
46 | /* ECHO REPLY (0) */ 0, |
47 | 1, | |
48 | 1, | |
49 | /* DEST UNREACH (3) */ 1, | |
50 | /* SOURCE QUENCH (4)*/ 1, | |
51 | /* REDIRECT (5) */ 1, | |
52 | 1, | |
53 | 1, | |
54 | /* ECHO (8) */ 0, | |
55 | /* ROUTERADVERT (9) */ 1, | |
56 | /* ROUTERSOLICIT (10) */ 1, | |
57 | /* TIME EXCEEDED (11) */ 1, | |
58 | /* PARAMETER PROBLEM (12) */ 1, | |
59 | /* TIMESTAMP (13) */ 0, | |
60 | /* TIMESTAMP REPLY (14) */ 0, | |
61 | /* INFO (15) */ 0, | |
62 | /* INFO REPLY (16) */ 0, | |
63 | /* ADDR MASK (17) */ 0, | |
5fafdf24 | 64 | /* ADDR MASK REPLY (18) */ 0 |
f0cbd3ec FB |
65 | }; |
66 | ||
e6d43cfb JK |
67 | void icmp_init(Slirp *slirp) |
68 | { | |
69 | slirp->icmp.so_next = slirp->icmp.so_prev = &slirp->icmp; | |
70 | slirp->icmp_last_so = &slirp->icmp; | |
71 | } | |
72 | ||
a68adc22 JK |
73 | void icmp_cleanup(Slirp *slirp) |
74 | { | |
75 | while (slirp->icmp.so_next != &slirp->icmp) { | |
76 | icmp_detach(slirp->icmp.so_next); | |
77 | } | |
78 | } | |
79 | ||
e6d43cfb JK |
80 | static int icmp_send(struct socket *so, struct mbuf *m, int hlen) |
81 | { | |
82 | struct ip *ip = mtod(m, struct ip *); | |
83 | struct sockaddr_in addr; | |
84 | ||
707bd47e | 85 | so->s = slirp_socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP); |
e6d43cfb JK |
86 | if (so->s == -1) { |
87 | return -1; | |
88 | } | |
89 | ||
90 | so->so_m = m; | |
91 | so->so_faddr = ip->ip_dst; | |
92 | so->so_laddr = ip->ip_src; | |
93 | so->so_iptos = ip->ip_tos; | |
94 | so->so_type = IPPROTO_ICMP; | |
95 | so->so_state = SS_ISFCONNECTED; | |
96 | so->so_expire = curtime + SO_EXPIRE; | |
97 | ||
98 | addr.sin_family = AF_INET; | |
99 | addr.sin_addr = so->so_faddr; | |
100 | ||
101 | insque(so, &so->slirp->icmp); | |
102 | ||
103 | if (sendto(so->s, m->m_data + hlen, m->m_len - hlen, 0, | |
104 | (struct sockaddr *)&addr, sizeof(addr)) == -1) { | |
226ea7a9 | 105 | DEBUG_MISC("icmp_input icmp sendto tx errno = %d-%s", |
2afbb788 | 106 | errno, strerror(errno)); |
de40abfe | 107 | icmp_send_error(m, ICMP_UNREACH, ICMP_UNREACH_NET, 0, strerror(errno)); |
e6d43cfb JK |
108 | icmp_detach(so); |
109 | } | |
110 | ||
111 | return 0; | |
112 | } | |
113 | ||
114 | void icmp_detach(struct socket *so) | |
115 | { | |
3e0fad3a | 116 | so->slirp->cb->unregister_poll_fd(so->s, so->slirp->opaque); |
707bd47e | 117 | slirp_closesocket(so->s); |
e6d43cfb JK |
118 | sofree(so); |
119 | } | |
120 | ||
f0cbd3ec FB |
121 | /* |
122 | * Process a received ICMP message. | |
123 | */ | |
124 | void | |
511d2b14 | 125 | icmp_input(struct mbuf *m, int hlen) |
f0cbd3ec FB |
126 | { |
127 | register struct icmp *icp; | |
128 | register struct ip *ip=mtod(m, struct ip *); | |
129 | int icmplen=ip->ip_len; | |
460fec67 | 130 | Slirp *slirp = m->slirp; |
5fafdf24 | 131 | |
f0cbd3ec | 132 | DEBUG_CALL("icmp_input"); |
ecc804ca | 133 | DEBUG_ARG("m = %p", m); |
f0cbd3ec FB |
134 | DEBUG_ARG("m_len = %d", m->m_len); |
135 | ||
f0cbd3ec FB |
136 | /* |
137 | * Locate icmp structure in mbuf, and check | |
138 | * that its not corrupted and of at least minimum length. | |
139 | */ | |
140 | if (icmplen < ICMP_MINLEN) { /* min 8 bytes payload */ | |
f0cbd3ec | 141 | freeit: |
3acccfc6 | 142 | m_free(m); |
f0cbd3ec FB |
143 | goto end_error; |
144 | } | |
145 | ||
146 | m->m_len -= hlen; | |
147 | m->m_data += hlen; | |
148 | icp = mtod(m, struct icmp *); | |
149 | if (cksum(m, icmplen)) { | |
f0cbd3ec FB |
150 | goto freeit; |
151 | } | |
152 | m->m_len += hlen; | |
153 | m->m_data -= hlen; | |
3b46e624 | 154 | |
f0cbd3ec FB |
155 | DEBUG_ARG("icmp_type = %d", icp->icmp_type); |
156 | switch (icp->icmp_type) { | |
157 | case ICMP_ECHO: | |
f0cbd3ec | 158 | ip->ip_len += hlen; /* since ip_input subtracts this */ |
7d172497 ST |
159 | if (ip->ip_dst.s_addr == slirp->vhost_addr.s_addr || |
160 | ip->ip_dst.s_addr == slirp->vnameserver_addr.s_addr) { | |
161 | icmp_reflect(m); | |
12b513d8 JK |
162 | } else if (slirp->restricted) { |
163 | goto freeit; | |
f0cbd3ec FB |
164 | } else { |
165 | struct socket *so; | |
5379229a | 166 | struct sockaddr_storage addr; |
4ded9bb5 | 167 | so = socreate(slirp); |
e6d43cfb JK |
168 | if (icmp_send(so, m, hlen) == 0) { |
169 | return; | |
170 | } | |
9b5a30dc | 171 | if (udp_attach(so, AF_INET) == -1) { |
226ea7a9 | 172 | DEBUG_MISC("icmp_input udp_attach errno = %d-%s", |
2afbb788 | 173 | errno,strerror(errno)); |
f0cbd3ec FB |
174 | sofree(so); |
175 | m_free(m); | |
176 | goto end_error; | |
177 | } | |
178 | so->so_m = m; | |
eae303ff | 179 | so->so_ffamily = AF_INET; |
f0cbd3ec FB |
180 | so->so_faddr = ip->ip_dst; |
181 | so->so_fport = htons(7); | |
eae303ff | 182 | so->so_lfamily = AF_INET; |
f0cbd3ec FB |
183 | so->so_laddr = ip->ip_src; |
184 | so->so_lport = htons(9); | |
185 | so->so_iptos = ip->ip_tos; | |
186 | so->so_type = IPPROTO_ICMP; | |
187 | so->so_state = SS_ISFCONNECTED; | |
3b46e624 | 188 | |
f0cbd3ec | 189 | /* Send the packet */ |
5379229a GS |
190 | addr = so->fhost.ss; |
191 | sotranslate_out(so, &addr); | |
192 | ||
f0cbd3ec | 193 | if(sendto(so->s, icmp_ping_msg, strlen(icmp_ping_msg), 0, |
0d48dfed | 194 | (struct sockaddr *)&addr, sockaddr_size(&addr)) == -1) { |
226ea7a9 | 195 | DEBUG_MISC("icmp_input udp sendto tx errno = %d-%s", |
2afbb788 | 196 | errno,strerror(errno)); |
de40abfe | 197 | icmp_send_error(m, ICMP_UNREACH, ICMP_UNREACH_NET, 0, strerror(errno)); |
f0cbd3ec FB |
198 | udp_detach(so); |
199 | } | |
8dbca8dd | 200 | } /* if ip->ip_dst.s_addr == alias_addr.s_addr */ |
f0cbd3ec FB |
201 | break; |
202 | case ICMP_UNREACH: | |
203 | /* XXX? report error? close socket? */ | |
204 | case ICMP_TIMXCEED: | |
205 | case ICMP_PARAMPROB: | |
206 | case ICMP_SOURCEQUENCH: | |
207 | case ICMP_TSTAMP: | |
208 | case ICMP_MASKREQ: | |
209 | case ICMP_REDIRECT: | |
3acccfc6 | 210 | m_free(m); |
f0cbd3ec | 211 | break; |
3b46e624 | 212 | |
f0cbd3ec | 213 | default: |
3acccfc6 | 214 | m_free(m); |
f0cbd3ec FB |
215 | } /* swith */ |
216 | ||
217 | end_error: | |
218 | /* m is m_free()'d xor put in a socket xor or given to ip_send */ | |
219 | return; | |
220 | } | |
221 | ||
222 | ||
223 | /* | |
224 | * Send an ICMP message in response to a situation | |
225 | * | |
226 | * RFC 1122: 3.2.2 MUST send at least the IP header and 8 bytes of header. MAY send more (we do). | |
227 | * MUST NOT change this header information. | |
228 | * MUST NOT reply to a multicast/broadcast IP address. | |
229 | * MUST NOT reply to a multicast/broadcast MAC address. | |
230 | * MUST reply to only the first fragment. | |
231 | */ | |
232 | /* | |
233 | * Send ICMP_UNREACH back to the source regarding msrc. | |
234 | * mbuf *msrc is used as a template, but is NOT m_free()'d. | |
235 | * It is reported as the bad ip packet. The header should | |
236 | * be fully correct and in host byte order. | |
5fafdf24 | 237 | * ICMP fragmentation is illegal. All machines must accept 576 bytes in one |
f0cbd3ec FB |
238 | * packet. The maximum payload is 576-20(ip hdr)-8(icmp hdr)=548 |
239 | */ | |
240 | ||
241 | #define ICMP_MAXDATALEN (IP_MSS-28) | |
242 | void | |
d7df0b41 | 243 | icmp_send_error(struct mbuf *msrc, uint8_t type, uint8_t code, int minsize, |
7ccfb2eb | 244 | const char *message) |
f0cbd3ec FB |
245 | { |
246 | unsigned hlen, shlen, s_ip_len; | |
247 | register struct ip *ip; | |
248 | register struct icmp *icp; | |
249 | register struct mbuf *m; | |
250 | ||
de40abfe | 251 | DEBUG_CALL("icmp_send_error"); |
ecc804ca | 252 | DEBUG_ARG("msrc = %p", msrc); |
f0cbd3ec FB |
253 | DEBUG_ARG("msrc_len = %d", msrc->m_len); |
254 | ||
255 | if(type!=ICMP_UNREACH && type!=ICMP_TIMXCEED) goto end_error; | |
256 | ||
257 | /* check msrc */ | |
258 | if(!msrc) goto end_error; | |
259 | ip = mtod(msrc, struct ip *); | |
eb0b1596 MAL |
260 | if (slirp_debug & DBG_MISC) { |
261 | char bufa[20], bufb[20]; | |
f0cbd3ec FB |
262 | strcpy(bufa, inet_ntoa(ip->ip_src)); |
263 | strcpy(bufb, inet_ntoa(ip->ip_dst)); | |
226ea7a9 | 264 | DEBUG_MISC(" %.16s to %.16s", bufa, bufb); |
f0cbd3ec | 265 | } |
f0cbd3ec FB |
266 | if(ip->ip_off & IP_OFFMASK) goto end_error; /* Only reply to fragment 0 */ |
267 | ||
6612db12 JK |
268 | /* Do not reply to source-only IPs */ |
269 | if ((ip->ip_src.s_addr & htonl(~(0xf << 28))) == 0) { | |
270 | goto end_error; | |
271 | } | |
272 | ||
f0cbd3ec FB |
273 | shlen=ip->ip_hl << 2; |
274 | s_ip_len=ip->ip_len; | |
275 | if(ip->ip_p == IPPROTO_ICMP) { | |
276 | icp = (struct icmp *)((char *)ip + shlen); | |
277 | /* | |
278 | * Assume any unknown ICMP type is an error. This isn't | |
279 | * specified by the RFC, but think about it.. | |
280 | */ | |
281 | if(icp->icmp_type>18 || icmp_flush[icp->icmp_type]) goto end_error; | |
282 | } | |
283 | ||
284 | /* make a copy */ | |
460fec67 JK |
285 | m = m_get(msrc->slirp); |
286 | if (!m) { | |
287 | goto end_error; | |
288 | } | |
289 | ||
f0cbd3ec FB |
290 | { int new_m_size; |
291 | new_m_size=sizeof(struct ip )+ICMP_MINLEN+msrc->m_len+ICMP_MAXDATALEN; | |
292 | if(new_m_size>m->m_size) m_inc(m, new_m_size); | |
293 | } | |
294 | memcpy(m->m_data, msrc->m_data, msrc->m_len); | |
295 | m->m_len = msrc->m_len; /* copy msrc to m */ | |
296 | ||
297 | /* make the header of the reply packet */ | |
298 | ip = mtod(m, struct ip *); | |
299 | hlen= sizeof(struct ip ); /* no options in reply */ | |
3b46e624 | 300 | |
f0cbd3ec | 301 | /* fill in icmp */ |
3b46e624 | 302 | m->m_data += hlen; |
f0cbd3ec FB |
303 | m->m_len -= hlen; |
304 | ||
305 | icp = mtod(m, struct icmp *); | |
306 | ||
307 | if(minsize) s_ip_len=shlen+ICMP_MINLEN; /* return header+8b only */ | |
308 | else if(s_ip_len>ICMP_MAXDATALEN) /* maximum size */ | |
309 | s_ip_len=ICMP_MAXDATALEN; | |
310 | ||
3b46e624 | 311 | m->m_len=ICMP_MINLEN+s_ip_len; /* 8 bytes ICMP header */ |
f0cbd3ec FB |
312 | |
313 | /* min. size = 8+sizeof(struct ip)+8 */ | |
314 | ||
315 | icp->icmp_type = type; | |
316 | icp->icmp_code = code; | |
317 | icp->icmp_id = 0; | |
318 | icp->icmp_seq = 0; | |
319 | ||
320 | memcpy(&icp->icmp_ip, msrc->m_data, s_ip_len); /* report the ip packet */ | |
321 | HTONS(icp->icmp_ip.ip_len); | |
322 | HTONS(icp->icmp_ip.ip_id); | |
323 | HTONS(icp->icmp_ip.ip_off); | |
324 | ||
d0ea546c | 325 | if (message && WITH_ICMP_ERROR_MSG) { /* append message to ICMP packet */ |
f0cbd3ec FB |
326 | int message_len; |
327 | char *cpnt; | |
328 | message_len=strlen(message); | |
329 | if(message_len>ICMP_MAXDATALEN) message_len=ICMP_MAXDATALEN; | |
330 | cpnt=(char *)m->m_data+m->m_len; | |
331 | memcpy(cpnt, message, message_len); | |
332 | m->m_len+=message_len; | |
333 | } | |
f0cbd3ec FB |
334 | |
335 | icp->icmp_cksum = 0; | |
336 | icp->icmp_cksum = cksum(m, m->m_len); | |
337 | ||
338 | m->m_data -= hlen; | |
339 | m->m_len += hlen; | |
340 | ||
341 | /* fill in ip */ | |
342 | ip->ip_hl = hlen >> 2; | |
343 | ip->ip_len = m->m_len; | |
3b46e624 | 344 | |
f0cbd3ec FB |
345 | ip->ip_tos=((ip->ip_tos & 0x1E) | 0xC0); /* high priority for errors */ |
346 | ||
347 | ip->ip_ttl = MAXTTL; | |
348 | ip->ip_p = IPPROTO_ICMP; | |
a93cf9df | 349 | ip->ip_dst = ip->ip_src; /* ip addresses */ |
460fec67 | 350 | ip->ip_src = m->slirp->vhost_addr; |
f0cbd3ec FB |
351 | |
352 | (void ) ip_output((struct socket *)NULL, m); | |
3b46e624 | 353 | |
f0cbd3ec FB |
354 | end_error: |
355 | return; | |
356 | } | |
357 | #undef ICMP_MAXDATALEN | |
358 | ||
359 | /* | |
360 | * Reflect the ip packet back to the source | |
361 | */ | |
362 | void | |
511d2b14 | 363 | icmp_reflect(struct mbuf *m) |
f0cbd3ec FB |
364 | { |
365 | register struct ip *ip = mtod(m, struct ip *); | |
366 | int hlen = ip->ip_hl << 2; | |
367 | int optlen = hlen - sizeof(struct ip ); | |
368 | register struct icmp *icp; | |
369 | ||
370 | /* | |
371 | * Send an icmp packet back to the ip level, | |
372 | * after supplying a checksum. | |
373 | */ | |
374 | m->m_data += hlen; | |
375 | m->m_len -= hlen; | |
376 | icp = mtod(m, struct icmp *); | |
377 | ||
e6d43cfb | 378 | icp->icmp_type = ICMP_ECHOREPLY; |
f0cbd3ec FB |
379 | icp->icmp_cksum = 0; |
380 | icp->icmp_cksum = cksum(m, ip->ip_len - hlen); | |
381 | ||
382 | m->m_data -= hlen; | |
383 | m->m_len += hlen; | |
384 | ||
385 | /* fill in ip */ | |
386 | if (optlen > 0) { | |
387 | /* | |
388 | * Strip out original options by copying rest of first | |
389 | * mbuf's data back, and adjust the IP length. | |
390 | */ | |
d7df0b41 | 391 | memmove((char *)(ip + 1), (char *)ip + hlen, |
f0cbd3ec FB |
392 | (unsigned )(m->m_len - hlen)); |
393 | hlen -= optlen; | |
394 | ip->ip_hl = hlen >> 2; | |
395 | ip->ip_len -= optlen; | |
396 | m->m_len -= optlen; | |
397 | } | |
398 | ||
399 | ip->ip_ttl = MAXTTL; | |
400 | { /* swap */ | |
401 | struct in_addr icmp_dst; | |
402 | icmp_dst = ip->ip_dst; | |
403 | ip->ip_dst = ip->ip_src; | |
404 | ip->ip_src = icmp_dst; | |
405 | } | |
406 | ||
407 | (void ) ip_output((struct socket *)NULL, m); | |
f0cbd3ec | 408 | } |
e6d43cfb JK |
409 | |
410 | void icmp_receive(struct socket *so) | |
411 | { | |
412 | struct mbuf *m = so->so_m; | |
413 | struct ip *ip = mtod(m, struct ip *); | |
414 | int hlen = ip->ip_hl << 2; | |
d7df0b41 | 415 | uint8_t error_code; |
e6d43cfb JK |
416 | struct icmp *icp; |
417 | int id, len; | |
418 | ||
419 | m->m_data += hlen; | |
420 | m->m_len -= hlen; | |
421 | icp = mtod(m, struct icmp *); | |
422 | ||
423 | id = icp->icmp_id; | |
707bd47e | 424 | len = slirp_recv(so->s, icp, M_ROOM(m), 0); |
3d090aef AO |
425 | /* |
426 | * The behavior of reading SOCK_DGRAM+IPPROTO_ICMP sockets is inconsistent | |
427 | * between host OSes. On Linux, only the ICMP header and payload is | |
428 | * included. On macOS/Darwin, the socket acts like a raw socket and | |
429 | * includes the IP header as well. On other BSDs, SOCK_DGRAM+IPPROTO_ICMP | |
430 | * sockets aren't supported at all, so we treat them like raw sockets. It | |
431 | * isn't possible to detect this difference at runtime, so we must use an | |
432 | * #ifdef to determine if we need to remove the IP header. | |
433 | */ | |
434 | #ifdef CONFIG_BSD | |
435 | if (len >= sizeof(struct ip)) { | |
436 | struct ip *inner_ip = mtod(m, struct ip *); | |
437 | int inner_hlen = inner_ip->ip_hl << 2; | |
438 | if (inner_hlen > len) { | |
439 | len = -1; | |
440 | errno = -EINVAL; | |
441 | } else { | |
442 | len -= inner_hlen; | |
443 | memmove(icp, (unsigned char *)icp + inner_hlen, len); | |
444 | } | |
445 | } else { | |
446 | len = -1; | |
447 | errno = -EINVAL; | |
448 | } | |
449 | #endif | |
e6d43cfb JK |
450 | icp->icmp_id = id; |
451 | ||
452 | m->m_data -= hlen; | |
453 | m->m_len += hlen; | |
454 | ||
455 | if (len == -1 || len == 0) { | |
456 | if (errno == ENETUNREACH) { | |
457 | error_code = ICMP_UNREACH_NET; | |
458 | } else { | |
459 | error_code = ICMP_UNREACH_HOST; | |
460 | } | |
226ea7a9 | 461 | DEBUG_MISC(" udp icmp rx errno = %d-%s", errno, |
2afbb788 | 462 | strerror(errno)); |
de40abfe | 463 | icmp_send_error(so->so_m, ICMP_UNREACH, error_code, 0, strerror(errno)); |
e6d43cfb JK |
464 | } else { |
465 | icmp_reflect(so->so_m); | |
466 | so->so_m = NULL; /* Don't m_free() it again! */ | |
467 | } | |
468 | icmp_detach(so); | |
469 | } |