Index: xnu/bsd/conf/MASTER diff -c xnu/bsd/conf/MASTER:1.1.1.5 xnu/bsd/conf/MASTER:1.1.1.5.2.1 *** xnu/bsd/conf/MASTER:1.1.1.5 Sun Apr 29 06:39:40 2007 --- xnu/bsd/conf/MASTER Sun Apr 29 06:59:46 2007 *************** *** 208,218 **** --- 208,220 ---- options "IPV6FIREWALL" # IPv6 Firewall Feature # options "IPV6FIREWALL_DEFAULT_TO_ACCEPT" #IPv6 Firewall Feature # #options "IPV6FIREWALL_VERBOSE" #IPv6 Firewall Feature # + options "MIP6" # Mobile IPv6/NEMO support # pseudo-device gif 1 # pseudo-device dummy 2 # pseudo-device faith 1 # pseudo-device stf 1 # + pseudo-device mip 1 # options crypto # Index: xnu/bsd/conf/MASTER.ppc diff -c xnu/bsd/conf/MASTER.ppc:1.1.1.1 xnu/bsd/conf/MASTER.ppc:1.1.1.1.20.1 *** xnu/bsd/conf/MASTER.ppc:1.1.1.1 Sun Sep 18 03:52:57 2005 --- xnu/bsd/conf/MASTER.ppc Sun Apr 29 06:59:46 2007 *************** *** 45,54 **** # Standard Apple Research Configurations: # -------- ----- -------- --------------- # ! # RELEASE = [ppc mach medium vol pst gdb simple_clock kernstack nfsclient nfsserver quota fifo fdesc union ffs cd9660 compat_oldsock revfs noprofiling hfs volfs devfs netat mrouting ipdivert ipfirewall ipfw2 dummynet ktrace inet6 ipv6firewall ipsec tcpdrop_synfin gif stf compat_43_tty compat_43_socket vlan bond netmibs] # RELEASE_TRACE = [RELEASE kdebug] # PROFILE = [ppc mach medium vol pst gdb simple_clock kernstack nfsclient nfsserver quota fifo fdesc union ffs cd9660 compat_oldsock revfs profile hfs volfs devfs netat mrouting ipdivert ipfirewall ipfw2 dummynet ktrace inet6 ipv6firewall ipsec tcpdrop_synfin gif stf compat_43_tty compat_43_socket vlan bond] ! # DEBUG = [ppc mach medium vol pst gdb debug simple_clock kernstack nfsclient nfsserver quota fifo fdesc union ffs cd9660 compat_oldsock revfs profiling hfs volfs devfs netat mrouting mach_assert ipdivert ipfirewall ipfw2 dummynet ktrace inet6 ipv6firewall ipsec tcpdrop_synfin gif stf compat_43_tty compat_43_socket vlan bond netmibs] # DEBUG_TRACE = [DEBUG kdebug] # ###################################################################### --- 45,54 ---- # Standard Apple Research Configurations: # -------- ----- -------- --------------- # ! # RELEASE = [ppc mach medium vol pst gdb simple_clock kernstack nfsclient nfsserver quota fifo fdesc union ffs cd9660 compat_oldsock revfs noprofiling hfs volfs devfs netat mrouting ipdivert ipfirewall ipfw2 dummynet ktrace inet6 ipv6firewall ipsec tcpdrop_synfin gif stf compat_43_tty compat_43_socket vlan bond netmibs mip6 mip] # RELEASE_TRACE = [RELEASE kdebug] # PROFILE = [ppc mach medium vol pst gdb simple_clock kernstack nfsclient nfsserver quota fifo fdesc union ffs cd9660 compat_oldsock revfs profile hfs volfs devfs netat mrouting ipdivert ipfirewall ipfw2 dummynet ktrace inet6 ipv6firewall ipsec tcpdrop_synfin gif stf compat_43_tty compat_43_socket vlan bond] ! # DEBUG = [ppc mach medium vol pst gdb debug simple_clock kernstack nfsclient nfsserver quota fifo fdesc union ffs cd9660 compat_oldsock revfs profiling hfs volfs devfs netat mrouting mach_assert ipdivert ipfirewall ipfw2 dummynet ktrace inet6 ipv6firewall ipsec tcpdrop_synfin gif stf compat_43_tty compat_43_socket vlan bond netmibs mip6 mip] # DEBUG_TRACE = [DEBUG kdebug] # ###################################################################### Index: xnu/bsd/conf/Makefile.template diff -c xnu/bsd/conf/Makefile.template:1.1.1.3 xnu/bsd/conf/Makefile.template:1.1.1.3.2.1 *** xnu/bsd/conf/Makefile.template:1.1.1.3 Sun Apr 29 06:39:40 2007 --- xnu/bsd/conf/Makefile.template Sun Apr 29 06:59:46 2007 *************** *** 43,49 **** # # XXX: CFLAGS # ! CFLAGS+= -imacros meta_features.h -DARCH_PRIVATE -DKERNEL -DDRIVER_PRIVATE \ -D_KERNEL_BUILD -DKERNEL_BUILD -DMACH_KERNEL -DBSD_BUILD \ -DBSD_KERNEL_PRIVATE -DNCPUS=1 -Wno-four-char-constants -fpascal-strings \ -D__APPLE__ -DLP64KERN=1 -DLP64_DEBUG=0 -I. --- 43,49 ---- # # XXX: CFLAGS # ! CFLAGS+= -imacros meta_features.h -DARCH_PRIVATE -DKERNEL -D_KERNEL -DDRIVER_PRIVATE \ -D_KERNEL_BUILD -DKERNEL_BUILD -DMACH_KERNEL -DBSD_BUILD \ -DBSD_KERNEL_PRIVATE -DNCPUS=1 -Wno-four-char-constants -fpascal-strings \ -D__APPLE__ -DLP64KERN=1 -DLP64_DEBUG=0 -I. Index: xnu/bsd/conf/files diff -c xnu/bsd/conf/files:1.1.1.5 xnu/bsd/conf/files:1.1.1.5.2.1 *** xnu/bsd/conf/files:1.1.1.5 Sun Apr 29 06:39:40 2007 --- xnu/bsd/conf/files Sun Apr 29 06:59:46 2007 *************** *** 98,103 **** --- 98,104 ---- OPTIONS/faith optional faith OPTIONS/gif optional gif OPTIONS/netat optional netat + OPTIONS/mip optional mip # # Filesystem options *************** *** 233,238 **** --- 234,241 ---- bsd/net/kpi_interface.c standard bsd/net/kpi_protocol.c standard bsd/net/kpi_interfacefilter.c standard + bsd/net/mipsock.c optional mip6 + bsd/net/if_mip.c optional mip6 bsd/netinet/if_atm.c optional atm *************** *** 305,310 **** --- 308,314 ---- bsd/netinet6/scope6.c optional inet6 bsd/netinet6/udp6_output.c optional inet6 bsd/netinet6/udp6_usrreq.c optional inet6 + bsd/netinet6/mip6.c optional inet6 mip6 bsd/netkey/key.c optional ipsec bsd/netkey/key_debug.c optional ipsec Index: xnu/bsd/crypto/.prepare diff -c /dev/null xnu/bsd/crypto/.prepare:1.1.20.1 *** /dev/null Mon Apr 30 16:58:29 2007 --- xnu/bsd/crypto/.prepare Sun Apr 29 06:59:46 2007 *************** *** 0 **** --- 1,11 ---- + exclude arch + exclude aes + exclude des + exclude md5.c + exclude md5.h + exclude sha1.c + exclude sha1.h + exclude sha2 + exclude blowfish + exclude cast128 + exclude twofish Index: xnu/bsd/kern/.prepare diff -c /dev/null xnu/bsd/kern/.prepare:1.1.20.1 *** /dev/null Mon Apr 30 16:58:30 2007 --- xnu/bsd/kern/.prepare Sun Apr 29 06:59:46 2007 *************** *** 0 **** --- 1 ---- + exclude uipc_mbuf2.c Index: xnu/bsd/kern/sysctl_init.c diff -c xnu/bsd/kern/sysctl_init.c:1.1.1.8 xnu/bsd/kern/sysctl_init.c:1.1.1.8.2.2 *** xnu/bsd/kern/sysctl_init.c:1.1.1.8 Sun Apr 29 06:40:11 2007 --- xnu/bsd/kern/sysctl_init.c Mon Apr 30 16:58:06 2007 *************** *** 416,421 **** --- 416,422 ---- extern struct sysctl_oid sysctl__net_inet6_ip6_rtmaxcache; extern struct sysctl_oid sysctl__net_inet6_ip6_temppltime; extern struct sysctl_oid sysctl__net_inet6_ip6_tempvltime; + extern struct sysctl_oid sysctl__net_inet6_ip6_rthdr0_allowed; #if IPV6FIREWALL extern struct sysctl_oid sysctl__net_inet6_ip6_fw; extern struct sysctl_oid sysctl__net_inet6_ip6_fw_debug; *************** *** 435,440 **** --- 436,443 ---- extern struct sysctl_oid sysctl__net_inet6_icmp6_nd6_mmaxtries; extern struct sysctl_oid sysctl__net_inet6_icmp6_nd6_useloopback; extern struct sysctl_oid sysctl__net_inet6_icmp6_nodeinfo; + extern struct sysctl_oid sysctl__net_inet6_icmp6_nd6_drlist; + extern struct sysctl_oid sysctl__net_inet6_icmp6_nd6_prlist; #if IPSEC extern struct sysctl_oid sysctl__net_inet6_ipsec6; extern struct sysctl_oid sysctl__net_inet6_ipsec6_stats; *************** *** 447,452 **** --- 450,461 ---- extern struct sysctl_oid sysctl__net_inet6_ipsec6_debug; extern struct sysctl_oid sysctl__net_inet6_ipsec6_esp_randpad; #endif + #if MIP6 + extern struct sysctl_oid sysctl__net_inet6_mip6; + extern struct sysctl_oid sysctl__net_inet6_mip6_debug; + extern struct sysctl_oid sysctl__net_inet6_mip6_use_ipsec; + extern struct sysctl_oid sysctl__net_inet6_mip6_rr_hint_ppslimit; + #endif #endif #if IPSEC extern struct sysctl_oid sysctl__net_inet_ipsec; *************** *** 866,871 **** --- 875,882 ---- ,&sysctl__net_inet6_icmp6_errppslimit ,&sysctl__net_inet6_icmp6_nd6_maxnudhint ,&sysctl__net_inet6_icmp6_nd6_debug + ,&sysctl__net_inet6_icmp6_nd6_drlist + ,&sysctl__net_inet6_icmp6_nd6_prlist ,&sysctl__net_inet_tcp_v6mssdflt #if IPV6FIREWALL ,&sysctl__net_inet6_ip6_fw *************** *** 885,890 **** --- 896,907 ---- ,&sysctl__net_inet6_ipsec6_debug ,&sysctl__net_inet6_ipsec6_esp_randpad #endif + #if MIP6 + ,&sysctl__net_inet6_mip6 + ,&sysctl__net_inet6_mip6_debug + ,&sysctl__net_inet6_mip6_use_ipsec + ,&sysctl__net_inet6_mip6_rr_hint_ppslimit + #endif #endif #if IPSEC ,&sysctl__net_key Index: xnu/bsd/kern/uipc_domain.c diff -c xnu/bsd/kern/uipc_domain.c:1.1.1.7 xnu/bsd/kern/uipc_domain.c:1.1.1.7.2.1 *** xnu/bsd/kern/uipc_domain.c:1.1.1.7 Sun Apr 29 06:40:13 2007 --- xnu/bsd/kern/uipc_domain.c Sun Apr 29 06:59:46 2007 *************** *** 257,262 **** --- 257,265 ---- #if INET6 extern struct domain inet6domain; #endif + #if MIP6 + extern struct domain mipdomain; + #endif #if IPSEC extern struct domain keydomain; #endif *************** *** 297,302 **** --- 300,308 ---- #if IPSEC concat_domain(&keydomain); #endif + #if MIP6 + concat_domain(&mipdomain); + #endif #if NS concat_domain(&nsdomain); Index: xnu/bsd/net/.prepare diff -c /dev/null xnu/bsd/net/.prepare:1.1.20.1 *** /dev/null Mon Apr 30 16:58:30 2007 --- xnu/bsd/net/.prepare Sun Apr 29 06:59:46 2007 *************** *** 0 **** --- 1,24 ---- + exclude if_dummy.c + exclude if_faith.c + exclude if_faith.h + exclude if_gif.c + exclude if_gif.h + exclude if_ist.c + exclude if_ist.h + exclude if_pflog.c + exclude if_pflog.h + exclude if_pfsync.c + exclude if_pfsync.h + exclude if_stf.c + exclude if_stf.h + exclude pf.c + exclude pf_ioctl.c + exclude pf_norm.c + exclude pf_osfp.c + exclude pf_table.c + exclude pfkeyv2.h + exclude pfvar.h + exclude radix_art.c + exclude radix_art.h + exclude radix_mpath.c + exclude radix_mpath.h Index: xnu/bsd/net/if_types.h diff -c xnu/bsd/net/if_types.h:1.1.1.5 xnu/bsd/net/if_types.h:1.1.1.5.2.1 *** xnu/bsd/net/if_types.h:1.1.1.5 Sun Apr 29 06:40:34 2007 --- xnu/bsd/net/if_types.h Sun Apr 29 06:59:46 2007 *************** *** 141,144 **** --- 141,145 ---- #define IFT_GIF 0x37 /*0xf0*/ #define IFT_FAITH 0x38 /*0xf2*/ #define IFT_STF 0x39 /*0xf3*/ + #define IFT_MIP 0x3a #endif Index: xnu/bsd/net/if_var.h diff -c xnu/bsd/net/if_var.h:1.1.1.7 xnu/bsd/net/if_var.h:1.1.1.7.2.1 *** xnu/bsd/net/if_var.h:1.1.1.7 Sun Apr 29 06:40:34 2007 --- xnu/bsd/net/if_var.h Sun Apr 29 06:59:46 2007 *************** *** 91,96 **** --- 91,97 ---- #define APPLE_IF_FAM_STF 12 #define APPLE_IF_FAM_FIREWIRE 13 #define APPLE_IF_FAM_BOND 14 + #define APPLE_IF_FAM_MIP 15 #endif __APPLE__ /* Index: xnu/bsd/net/pfkeyv2.h diff -c xnu/bsd/net/pfkeyv2.h:1.1.1.5 xnu/bsd/net/pfkeyv2.h:1.1.1.5.2.1 *** xnu/bsd/net/pfkeyv2.h:1.1.1.5 Sun Apr 29 06:40:36 2007 --- xnu/bsd/net/pfkeyv2.h Sun Apr 29 06:59:46 2007 *************** *** 102,108 **** #define SADB_X_SPDSETIDX 20 #define SADB_X_SPDEXPIRE 21 #define SADB_X_SPDDELETE2 22 /* by policy id */ ! #define SADB_MAX 22 struct sadb_msg { u_int8_t sadb_msg_version; --- 102,110 ---- #define SADB_X_SPDSETIDX 20 #define SADB_X_SPDEXPIRE 21 #define SADB_X_SPDDELETE2 22 /* by policy id */ ! /* #define SADB_X_NAT_T_NEW_MAPPING 23 NetBSD extension */ ! #define SADB_X_MIGRATE 24 /* draft-sugimoto-mip6-pfkey-migrate */ ! #define SADB_MAX 24 struct sadb_msg { u_int8_t sadb_msg_version; Index: xnu/bsd/net/route.h diff -c xnu/bsd/net/route.h:1.1.1.5 xnu/bsd/net/route.h:1.1.1.5.2.1 *** xnu/bsd/net/route.h:1.1.1.5 Sun Apr 29 06:40:37 2007 --- xnu/bsd/net/route.h Sun Apr 29 06:59:46 2007 *************** *** 272,277 **** --- 272,278 ---- #define RTM_IFINFO2 0x12 /* */ #define RTM_NEWMADDR2 0x13 /* */ #define RTM_GET2 0x14 /* */ + #define RTM_ADDRINFO 0x15 /* change address flags */ /* * Bitmask values for rtm_inits and rmx_locks. *************** *** 334,339 **** --- 335,341 ---- void route_init(void); void rt_ifmsg(struct ifnet *); + void rt_addrinfomsg(struct ifaddr *); void rt_missmsg(int, struct rt_addrinfo *, int, int); void rt_newaddrmsg(int, struct ifaddr *, int, struct rtentry *); void rt_newmaddrmsg(int, struct ifmultiaddr *); Index: xnu/bsd/net/rtsock.c diff -c xnu/bsd/net/rtsock.c:1.1.1.5 xnu/bsd/net/rtsock.c:1.1.1.5.2.1 *** xnu/bsd/net/rtsock.c:1.1.1.5 Sun Apr 29 06:40:37 2007 --- xnu/bsd/net/rtsock.c Sun Apr 29 06:59:46 2007 *************** *** 794,799 **** --- 794,800 ---- case RTM_DELADDR: case RTM_NEWADDR: + case RTM_ADDRINFO: len = sizeof(struct ifa_msghdr); break; *************** *** 1094,1099 **** --- 1095,1128 ---- } /* + * This routine is called to generate a message from the routing + * socket indicating that the status of a address has changed. + */ + void + rt_addrinfomsg(ifa) + register struct ifaddr *ifa; + { + struct ifnet *ifp = ifa->ifa_ifp; + struct ifa_msghdr *ifam; + struct mbuf *m; + struct rt_addrinfo info; + + if (route_cb.any_count == 0) + return; + bzero((caddr_t)&info, sizeof(info)); + info.rti_info[RTAX_IFA] = ifa->ifa_addr; + m = rt_msg1(RTM_ADDRINFO, &info); + if (m == 0) + return; + ifam = mtod(m, struct ifa_msghdr *); + ifam->ifam_index = ifp->if_index; + ifam->ifam_metric = ifa->ifa_metric; + ifam->ifam_flags = ifa->ifa_flags; + ifam->ifam_addrs = info.rti_addrs; + raw_input(m, &route_proto, &route_src, &route_dst); + } + + /* * This is used in dumping the kernel table via sysctl(). */ int Index: xnu/bsd/netinet/.prepare diff -c /dev/null xnu/bsd/netinet/.prepare:1.1.20.1 *** /dev/null Mon Apr 30 16:58:30 2007 --- xnu/bsd/netinet/.prepare Sun Apr 29 06:59:46 2007 *************** *** 0 **** --- 1,48 ---- + exclude dccp.h + exclude dccp_cc_sw.c + exclude dccp_cc_sw.h + exclude dccp_tcplike.c + exclude dccp_tcplike.h + exclude dccp_usrreq.c + exclude dccp_var.h + exclude in4_cksum.c + exclude in_gif.c + exclude in_gif.h + exclude in_msf.c + exclude in_msf.h + exclude ip6.h + exclude ip_ecn.c + exclude ip_ecn.h + exclude ip_encap.c + exclude ip_encap.h + exclude ip_id.c + exclude sctp.h + exclude sctp_asconf.c + exclude sctp_asconf.h + exclude sctp_callout.h + exclude sctp_constants.h + exclude sctp_crc32.c + exclude sctp_crc32.h + exclude sctp_hashdriver.c + exclude sctp_hashdriver.h + exclude sctp_header.h + exclude sctp_indata.c + exclude sctp_indata.h + exclude sctp_input.c + exclude sctp_input.h + exclude sctp_output.c + exclude sctp_output.h + exclude sctp_pcb.c + exclude sctp_pcb.h + exclude sctp_peeloff.c + exclude sctp_peeloff.h + exclude sctp_sha1.c + exclude sctp_sha1.h + exclude sctp_structs.h + exclude sctp_timer.c + exclude sctp_timer.h + exclude sctp_uio.h + exclude sctp_usrreq.c + exclude sctp_var.h + exclude sctputil.c + exclude sctputil.h Index: xnu/bsd/netinet/icmp6.h diff -c xnu/bsd/netinet/icmp6.h:1.1.1.5 xnu/bsd/netinet/icmp6.h:removed *** xnu/bsd/netinet/icmp6.h:1.1.1.5 Sun Apr 29 06:40:45 2007 --- xnu/bsd/netinet/icmp6.h Mon Apr 30 16:58:30 2007 *************** *** 1,736 **** - /* - * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. - * - * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. The rights granted to you under the License - * may not be used to create, or enable the creation or redistribution of, - * unlawful or unlicensed copies of an Apple operating system, or to - * circumvent, violate, or enable the circumvention or violation of, any - * terms of an Apple operating system software license agreement. - * - * Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ - */ - /* $KAME: icmp6.h,v 1.46 2001/04/27 15:09:48 itojun Exp $ */ - - /* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - /* - * Copyright (c) 1982, 1986, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ip_icmp.h 8.1 (Berkeley) 6/10/93 - */ - - #ifndef _NETINET_ICMP6_H_ - #define _NETINET_ICMP6_H_ - #include - - #define ICMPV6_PLD_MAXLEN 1232 /* IPV6_MMTU - sizeof(struct ip6_hdr) - - sizeof(struct icmp6_hdr) */ - - struct icmp6_hdr { - u_int8_t icmp6_type; /* type field */ - u_int8_t icmp6_code; /* code field */ - u_int16_t icmp6_cksum; /* checksum field */ - union { - u_int32_t icmp6_un_data32[1]; /* type-specific field */ - u_int16_t icmp6_un_data16[2]; /* type-specific field */ - u_int8_t icmp6_un_data8[4]; /* type-specific field */ - } icmp6_dataun; - }; - - #define icmp6_data32 icmp6_dataun.icmp6_un_data32 - #define icmp6_data16 icmp6_dataun.icmp6_un_data16 - #define icmp6_data8 icmp6_dataun.icmp6_un_data8 - #define icmp6_pptr icmp6_data32[0] /* parameter prob */ - #define icmp6_mtu icmp6_data32[0] /* packet too big */ - #define icmp6_id icmp6_data16[0] /* echo request/reply */ - #define icmp6_seq icmp6_data16[1] /* echo request/reply */ - #define icmp6_maxdelay icmp6_data16[0] /* mcast group membership */ - - #define ICMP6_DST_UNREACH 1 /* dest unreachable, codes: */ - #define ICMP6_PACKET_TOO_BIG 2 /* packet too big */ - #define ICMP6_TIME_EXCEEDED 3 /* time exceeded, code: */ - #define ICMP6_PARAM_PROB 4 /* ip6 header bad */ - - #define ICMP6_ECHO_REQUEST 128 /* echo service */ - #define ICMP6_ECHO_REPLY 129 /* echo reply */ - #define ICMP6_MEMBERSHIP_QUERY 130 /* group membership query */ - #define MLD6_LISTENER_QUERY 130 /* multicast listener query */ - #define ICMP6_MEMBERSHIP_REPORT 131 /* group membership report */ - #define MLD6_LISTENER_REPORT 131 /* multicast listener report */ - #define ICMP6_MEMBERSHIP_REDUCTION 132 /* group membership termination */ - #define MLD6_LISTENER_DONE 132 /* multicast listener done */ - - #define ND_ROUTER_SOLICIT 133 /* router solicitation */ - #define ND_ROUTER_ADVERT 134 /* router advertisment */ - #define ND_NEIGHBOR_SOLICIT 135 /* neighbor solicitation */ - #define ND_NEIGHBOR_ADVERT 136 /* neighbor advertisment */ - #define ND_REDIRECT 137 /* redirect */ - - #define ICMP6_ROUTER_RENUMBERING 138 /* router renumbering */ - - #define ICMP6_WRUREQUEST 139 /* who are you request */ - #define ICMP6_WRUREPLY 140 /* who are you reply */ - #define ICMP6_FQDN_QUERY 139 /* FQDN query */ - #define ICMP6_FQDN_REPLY 140 /* FQDN reply */ - #define ICMP6_NI_QUERY 139 /* node information request */ - #define ICMP6_NI_REPLY 140 /* node information reply */ - - /* The definitions below are experimental. TBA */ - #define MLD6_MTRACE_RESP 200 /* mtrace response(to sender) */ - #define MLD6_MTRACE 201 /* mtrace messages */ - - #define ICMP6_HADISCOV_REQUEST 202 /* XXX To be defined */ - #define ICMP6_HADISCOV_REPLY 203 /* XXX To be defined */ - - #define ICMP6_MAXTYPE 203 - - #define ICMP6_DST_UNREACH_NOROUTE 0 /* no route to destination */ - #define ICMP6_DST_UNREACH_ADMIN 1 /* administratively prohibited */ - #define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 /* not a neighbor(obsolete) */ - #define ICMP6_DST_UNREACH_BEYONDSCOPE 2 /* beyond scope of source address */ - #define ICMP6_DST_UNREACH_ADDR 3 /* address unreachable */ - #define ICMP6_DST_UNREACH_NOPORT 4 /* port unreachable */ - - #define ICMP6_TIME_EXCEED_TRANSIT 0 /* ttl==0 in transit */ - #define ICMP6_TIME_EXCEED_REASSEMBLY 1 /* ttl==0 in reass */ - - #define ICMP6_PARAMPROB_HEADER 0 /* erroneous header field */ - #define ICMP6_PARAMPROB_NEXTHEADER 1 /* unrecognized next header */ - #define ICMP6_PARAMPROB_OPTION 2 /* unrecognized option */ - - #define ICMP6_INFOMSG_MASK 0x80 /* all informational messages */ - - #define ICMP6_NI_SUBJ_IPV6 0 /* Query Subject is an IPv6 address */ - #define ICMP6_NI_SUBJ_FQDN 1 /* Query Subject is a Domain name */ - #define ICMP6_NI_SUBJ_IPV4 2 /* Query Subject is an IPv4 address */ - - #define ICMP6_NI_SUCCESS 0 /* node information successful reply */ - #define ICMP6_NI_REFUSED 1 /* node information request is refused */ - #define ICMP6_NI_UNKNOWN 2 /* unknown Qtype */ - - #define ICMP6_ROUTER_RENUMBERING_COMMAND 0 /* rr command */ - #define ICMP6_ROUTER_RENUMBERING_RESULT 1 /* rr result */ - #define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 /* rr seq num reset */ - - /* Used in kernel only */ - #define ND_REDIRECT_ONLINK 0 /* redirect to an on-link node */ - #define ND_REDIRECT_ROUTER 1 /* redirect to a better router */ - - /* - * Multicast Listener Discovery - */ - struct mld6_hdr { - struct icmp6_hdr mld6_hdr; - struct in6_addr mld6_addr; /* multicast address */ - }; - - #define mld6_type mld6_hdr.icmp6_type - #define mld6_code mld6_hdr.icmp6_code - #define mld6_cksum mld6_hdr.icmp6_cksum - #define mld6_maxdelay mld6_hdr.icmp6_data16[0] - #define mld6_reserved mld6_hdr.icmp6_data16[1] - - /* - * Neighbor Discovery - */ - - struct nd_router_solicit { /* router solicitation */ - struct icmp6_hdr nd_rs_hdr; - /* could be followed by options */ - }; - - #define nd_rs_type nd_rs_hdr.icmp6_type - #define nd_rs_code nd_rs_hdr.icmp6_code - #define nd_rs_cksum nd_rs_hdr.icmp6_cksum - #define nd_rs_reserved nd_rs_hdr.icmp6_data32[0] - - struct nd_router_advert { /* router advertisement */ - struct icmp6_hdr nd_ra_hdr; - u_int32_t nd_ra_reachable; /* reachable time */ - u_int32_t nd_ra_retransmit; /* retransmit timer */ - /* could be followed by options */ - }; - - #define nd_ra_type nd_ra_hdr.icmp6_type - #define nd_ra_code nd_ra_hdr.icmp6_code - #define nd_ra_cksum nd_ra_hdr.icmp6_cksum - #define nd_ra_curhoplimit nd_ra_hdr.icmp6_data8[0] - #define nd_ra_flags_reserved nd_ra_hdr.icmp6_data8[1] - #define ND_RA_FLAG_MANAGED 0x80 - #define ND_RA_FLAG_OTHER 0x40 - #define ND_RA_FLAG_HA 0x20 - - /* - * Router preference values based on draft-draves-ipngwg-router-selection-01. - * These are non-standard definitions. - */ - #define ND_RA_FLAG_RTPREF_MASK 0x18 /* 00011000 */ - - #define ND_RA_FLAG_RTPREF_HIGH 0x08 /* 00001000 */ - #define ND_RA_FLAG_RTPREF_MEDIUM 0x00 /* 00000000 */ - #define ND_RA_FLAG_RTPREF_LOW 0x18 /* 00011000 */ - #define ND_RA_FLAG_RTPREF_RSV 0x10 /* 00010000 */ - - #define nd_ra_router_lifetime nd_ra_hdr.icmp6_data16[1] - - struct nd_neighbor_solicit { /* neighbor solicitation */ - struct icmp6_hdr nd_ns_hdr; - struct in6_addr nd_ns_target; /*target address */ - /* could be followed by options */ - }; - - #define nd_ns_type nd_ns_hdr.icmp6_type - #define nd_ns_code nd_ns_hdr.icmp6_code - #define nd_ns_cksum nd_ns_hdr.icmp6_cksum - #define nd_ns_reserved nd_ns_hdr.icmp6_data32[0] - - struct nd_neighbor_advert { /* neighbor advertisement */ - struct icmp6_hdr nd_na_hdr; - struct in6_addr nd_na_target; /* target address */ - /* could be followed by options */ - }; - - #define nd_na_type nd_na_hdr.icmp6_type - #define nd_na_code nd_na_hdr.icmp6_code - #define nd_na_cksum nd_na_hdr.icmp6_cksum - #define nd_na_flags_reserved nd_na_hdr.icmp6_data32[0] - #if BYTE_ORDER == BIG_ENDIAN - #define ND_NA_FLAG_ROUTER 0x80000000 - #define ND_NA_FLAG_SOLICITED 0x40000000 - #define ND_NA_FLAG_OVERRIDE 0x20000000 - #else - #if BYTE_ORDER == LITTLE_ENDIAN - #define ND_NA_FLAG_ROUTER 0x80 - #define ND_NA_FLAG_SOLICITED 0x40 - #define ND_NA_FLAG_OVERRIDE 0x20 - #endif - #endif - - struct nd_redirect { /* redirect */ - struct icmp6_hdr nd_rd_hdr; - struct in6_addr nd_rd_target; /* target address */ - struct in6_addr nd_rd_dst; /* destination address */ - /* could be followed by options */ - }; - - #define nd_rd_type nd_rd_hdr.icmp6_type - #define nd_rd_code nd_rd_hdr.icmp6_code - #define nd_rd_cksum nd_rd_hdr.icmp6_cksum - #define nd_rd_reserved nd_rd_hdr.icmp6_data32[0] - - struct nd_opt_hdr { /* Neighbor discovery option header */ - u_int8_t nd_opt_type; - u_int8_t nd_opt_len; - /* followed by option specific data*/ - }; - - #define ND_OPT_SOURCE_LINKADDR 1 - #define ND_OPT_TARGET_LINKADDR 2 - #define ND_OPT_PREFIX_INFORMATION 3 - #define ND_OPT_REDIRECTED_HEADER 4 - #define ND_OPT_MTU 5 - - #define ND_OPT_ROUTE_INFO 200 /* draft-ietf-ipngwg-router-preference, not officially assigned yet */ - - struct nd_opt_prefix_info { /* prefix information */ - u_int8_t nd_opt_pi_type; - u_int8_t nd_opt_pi_len; - u_int8_t nd_opt_pi_prefix_len; - u_int8_t nd_opt_pi_flags_reserved; - u_int32_t nd_opt_pi_valid_time; - u_int32_t nd_opt_pi_preferred_time; - u_int32_t nd_opt_pi_reserved2; - struct in6_addr nd_opt_pi_prefix; - }; - - #define ND_OPT_PI_FLAG_ONLINK 0x80 - #define ND_OPT_PI_FLAG_AUTO 0x40 - - struct nd_opt_rd_hdr { /* redirected header */ - u_int8_t nd_opt_rh_type; - u_int8_t nd_opt_rh_len; - u_int16_t nd_opt_rh_reserved1; - u_int32_t nd_opt_rh_reserved2; - /* followed by IP header and data */ - }; - - struct nd_opt_mtu { /* MTU option */ - u_int8_t nd_opt_mtu_type; - u_int8_t nd_opt_mtu_len; - u_int16_t nd_opt_mtu_reserved; - u_int32_t nd_opt_mtu_mtu; - }; - - struct nd_opt_route_info { /* route info */ - u_int8_t nd_opt_rti_type; - u_int8_t nd_opt_rti_len; - u_int8_t nd_opt_rti_prefixlen; - u_int8_t nd_opt_rti_flags; - u_int32_t nd_opt_rti_lifetime; - /* followed by prefix */ - }; - - /* - * icmp6 namelookup - */ - - struct icmp6_namelookup { - struct icmp6_hdr icmp6_nl_hdr; - u_int8_t icmp6_nl_nonce[8]; - int32_t icmp6_nl_ttl; - #if 0 - u_int8_t icmp6_nl_len; - u_int8_t icmp6_nl_name[3]; - #endif - /* could be followed by options */ - }; - - /* - * icmp6 node information - */ - struct icmp6_nodeinfo { - struct icmp6_hdr icmp6_ni_hdr; - u_int8_t icmp6_ni_nonce[8]; - /* could be followed by reply data */ - }; - - #define ni_type icmp6_ni_hdr.icmp6_type - #define ni_code icmp6_ni_hdr.icmp6_code - #define ni_cksum icmp6_ni_hdr.icmp6_cksum - #define ni_qtype icmp6_ni_hdr.icmp6_data16[0] - #define ni_flags icmp6_ni_hdr.icmp6_data16[1] - - #define NI_QTYPE_NOOP 0 /* NOOP */ - #define NI_QTYPE_SUPTYPES 1 /* Supported Qtypes */ - #define NI_QTYPE_FQDN 2 /* FQDN (draft 04) */ - #define NI_QTYPE_DNSNAME 2 /* DNS Name */ - #define NI_QTYPE_NODEADDR 3 /* Node Addresses */ - #define NI_QTYPE_IPV4ADDR 4 /* IPv4 Addresses */ - - #if BYTE_ORDER == BIG_ENDIAN - #define NI_SUPTYPE_FLAG_COMPRESS 0x1 - #define NI_FQDN_FLAG_VALIDTTL 0x1 - #elif BYTE_ORDER == LITTLE_ENDIAN - #define NI_SUPTYPE_FLAG_COMPRESS 0x0100 - #define NI_FQDN_FLAG_VALIDTTL 0x0100 - #endif - - #ifdef NAME_LOOKUPS_04 - #if BYTE_ORDER == BIG_ENDIAN - #define NI_NODEADDR_FLAG_LINKLOCAL 0x1 - #define NI_NODEADDR_FLAG_SITELOCAL 0x2 - #define NI_NODEADDR_FLAG_GLOBAL 0x4 - #define NI_NODEADDR_FLAG_ALL 0x8 - #define NI_NODEADDR_FLAG_TRUNCATE 0x10 - #define NI_NODEADDR_FLAG_ANYCAST 0x20 /* just experimental. not in spec */ - #elif BYTE_ORDER == LITTLE_ENDIAN - #define NI_NODEADDR_FLAG_LINKLOCAL 0x0100 - #define NI_NODEADDR_FLAG_SITELOCAL 0x0200 - #define NI_NODEADDR_FLAG_GLOBAL 0x0400 - #define NI_NODEADDR_FLAG_ALL 0x0800 - #define NI_NODEADDR_FLAG_TRUNCATE 0x1000 - #define NI_NODEADDR_FLAG_ANYCAST 0x2000 /* just experimental. not in spec */ - #endif - #else /* draft-ietf-ipngwg-icmp-name-lookups-05 (and later?) */ - #if BYTE_ORDER == BIG_ENDIAN - #define NI_NODEADDR_FLAG_TRUNCATE 0x1 - #define NI_NODEADDR_FLAG_ALL 0x2 - #define NI_NODEADDR_FLAG_COMPAT 0x4 - #define NI_NODEADDR_FLAG_LINKLOCAL 0x8 - #define NI_NODEADDR_FLAG_SITELOCAL 0x10 - #define NI_NODEADDR_FLAG_GLOBAL 0x20 - #define NI_NODEADDR_FLAG_ANYCAST 0x40 /* just experimental. not in spec */ - #elif BYTE_ORDER == LITTLE_ENDIAN - #define NI_NODEADDR_FLAG_TRUNCATE 0x0100 - #define NI_NODEADDR_FLAG_ALL 0x0200 - #define NI_NODEADDR_FLAG_COMPAT 0x0400 - #define NI_NODEADDR_FLAG_LINKLOCAL 0x0800 - #define NI_NODEADDR_FLAG_SITELOCAL 0x1000 - #define NI_NODEADDR_FLAG_GLOBAL 0x2000 - #define NI_NODEADDR_FLAG_ANYCAST 0x4000 /* just experimental. not in spec */ - #endif - #endif - - struct ni_reply_fqdn { - u_int32_t ni_fqdn_ttl; /* TTL */ - u_int8_t ni_fqdn_namelen; /* length in octets of the FQDN */ - u_int8_t ni_fqdn_name[3]; /* XXX: alignment */ - }; - - /* - * Router Renumbering. as router-renum-08.txt - */ - struct icmp6_router_renum { /* router renumbering header */ - struct icmp6_hdr rr_hdr; - u_int8_t rr_segnum; - u_int8_t rr_flags; - u_int16_t rr_maxdelay; - u_int32_t rr_reserved; - }; - - #define ICMP6_RR_FLAGS_TEST 0x80 - #define ICMP6_RR_FLAGS_REQRESULT 0x40 - #define ICMP6_RR_FLAGS_FORCEAPPLY 0x20 - #define ICMP6_RR_FLAGS_SPECSITE 0x10 - #define ICMP6_RR_FLAGS_PREVDONE 0x08 - - #define rr_type rr_hdr.icmp6_type - #define rr_code rr_hdr.icmp6_code - #define rr_cksum rr_hdr.icmp6_cksum - #define rr_seqnum rr_hdr.icmp6_data32[0] - - struct rr_pco_match { /* match prefix part */ - u_int8_t rpm_code; - u_int8_t rpm_len; - u_int8_t rpm_ordinal; - u_int8_t rpm_matchlen; - u_int8_t rpm_minlen; - u_int8_t rpm_maxlen; - u_int16_t rpm_reserved; - struct in6_addr rpm_prefix; - }; - - #define RPM_PCO_ADD 1 - #define RPM_PCO_CHANGE 2 - #define RPM_PCO_SETGLOBAL 3 - #define RPM_PCO_MAX 4 - - struct rr_pco_use { /* use prefix part */ - u_int8_t rpu_uselen; - u_int8_t rpu_keeplen; - u_int8_t rpu_ramask; - u_int8_t rpu_raflags; - u_int32_t rpu_vltime; - u_int32_t rpu_pltime; - u_int32_t rpu_flags; - struct in6_addr rpu_prefix; - }; - #define ICMP6_RR_PCOUSE_RAFLAGS_ONLINK 0x80 - #define ICMP6_RR_PCOUSE_RAFLAGS_AUTO 0x40 - - #if BYTE_ORDER == BIG_ENDIAN - #define ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME 0x80000000 - #define ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME 0x40000000 - #elif BYTE_ORDER == LITTLE_ENDIAN - #define ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME 0x80 - #define ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME 0x40 - #endif - - struct rr_result { /* router renumbering result message */ - u_int16_t rrr_flags; - u_int8_t rrr_ordinal; - u_int8_t rrr_matchedlen; - u_int32_t rrr_ifid; - struct in6_addr rrr_prefix; - }; - #if BYTE_ORDER == BIG_ENDIAN - #define ICMP6_RR_RESULT_FLAGS_OOB 0x0002 - #define ICMP6_RR_RESULT_FLAGS_FORBIDDEN 0x0001 - #elif BYTE_ORDER == LITTLE_ENDIAN - #define ICMP6_RR_RESULT_FLAGS_OOB 0x0200 - #define ICMP6_RR_RESULT_FLAGS_FORBIDDEN 0x0100 - #endif - - /* - * icmp6 filter structures. - */ - - struct icmp6_filter { - u_int32_t icmp6_filt[8]; - }; - - #ifdef KERNEL - #define ICMP6_FILTER_SETPASSALL(filterp) \ - do { \ - int i; u_char *p; \ - p = (u_char *)filterp; \ - for (i = 0; i < sizeof(struct icmp6_filter); i++) \ - p[i] = 0xff; \ - } while (0) - #define ICMP6_FILTER_SETBLOCKALL(filterp) \ - bzero(filterp, sizeof(struct icmp6_filter)) - #else /* KERNEL */ - #define ICMP6_FILTER_SETPASSALL(filterp) \ - memset(filterp, 0xff, sizeof(struct icmp6_filter)) - #define ICMP6_FILTER_SETBLOCKALL(filterp) \ - memset(filterp, 0x00, sizeof(struct icmp6_filter)) - #endif /* KERNEL */ - - #define ICMP6_FILTER_SETPASS(type, filterp) \ - (((filterp)->icmp6_filt[(type) >> 5]) |= (1 << ((type) & 31))) - #define ICMP6_FILTER_SETBLOCK(type, filterp) \ - (((filterp)->icmp6_filt[(type) >> 5]) &= ~(1 << ((type) & 31))) - #define ICMP6_FILTER_WILLPASS(type, filterp) \ - ((((filterp)->icmp6_filt[(type) >> 5]) & (1 << ((type) & 31))) != 0) - #define ICMP6_FILTER_WILLBLOCK(type, filterp) \ - ((((filterp)->icmp6_filt[(type) >> 5]) & (1 << ((type) & 31))) == 0) - - /* - * Variables related to this implementation - * of the internet control message protocol version 6. - */ - struct icmp6errstat { - u_quad_t icp6errs_dst_unreach_noroute; - u_quad_t icp6errs_dst_unreach_admin; - u_quad_t icp6errs_dst_unreach_beyondscope; - u_quad_t icp6errs_dst_unreach_addr; - u_quad_t icp6errs_dst_unreach_noport; - u_quad_t icp6errs_packet_too_big; - u_quad_t icp6errs_time_exceed_transit; - u_quad_t icp6errs_time_exceed_reassembly; - u_quad_t icp6errs_paramprob_header; - u_quad_t icp6errs_paramprob_nextheader; - u_quad_t icp6errs_paramprob_option; - u_quad_t icp6errs_redirect; /* we regard redirect as an error here */ - u_quad_t icp6errs_unknown; - }; - - struct icmp6stat { - /* statistics related to icmp6 packets generated */ - u_quad_t icp6s_error; /* # of calls to icmp6_error */ - u_quad_t icp6s_canterror; /* no error 'cuz old was icmp */ - u_quad_t icp6s_toofreq; /* no error 'cuz rate limitation */ - u_quad_t icp6s_outhist[256]; - /* statistics related to input message processed */ - u_quad_t icp6s_badcode; /* icmp6_code out of range */ - u_quad_t icp6s_tooshort; /* packet < sizeof(struct icmp6_hdr) */ - u_quad_t icp6s_checksum; /* bad checksum */ - u_quad_t icp6s_badlen; /* calculated bound mismatch */ - u_quad_t icp6s_reflect; /* number of responses */ - u_quad_t icp6s_inhist[256]; - u_quad_t icp6s_nd_toomanyopt; /* too many ND options */ - struct icmp6errstat icp6s_outerrhist; - #define icp6s_odst_unreach_noroute \ - icp6s_outerrhist.icp6errs_dst_unreach_noroute - #define icp6s_odst_unreach_admin icp6s_outerrhist.icp6errs_dst_unreach_admin - #define icp6s_odst_unreach_beyondscope \ - icp6s_outerrhist.icp6errs_dst_unreach_beyondscope - #define icp6s_odst_unreach_addr icp6s_outerrhist.icp6errs_dst_unreach_addr - #define icp6s_odst_unreach_noport icp6s_outerrhist.icp6errs_dst_unreach_noport - #define icp6s_opacket_too_big icp6s_outerrhist.icp6errs_packet_too_big - #define icp6s_otime_exceed_transit \ - icp6s_outerrhist.icp6errs_time_exceed_transit - #define icp6s_otime_exceed_reassembly \ - icp6s_outerrhist.icp6errs_time_exceed_reassembly - #define icp6s_oparamprob_header icp6s_outerrhist.icp6errs_paramprob_header - #define icp6s_oparamprob_nextheader \ - icp6s_outerrhist.icp6errs_paramprob_nextheader - #define icp6s_oparamprob_option icp6s_outerrhist.icp6errs_paramprob_option - #define icp6s_oredirect icp6s_outerrhist.icp6errs_redirect - #define icp6s_ounknown icp6s_outerrhist.icp6errs_unknown - u_quad_t icp6s_pmtuchg; /* path MTU changes */ - u_quad_t icp6s_nd_badopt; /* bad ND options */ - u_quad_t icp6s_badns; /* bad neighbor solicitation */ - u_quad_t icp6s_badna; /* bad neighbor advertisement */ - u_quad_t icp6s_badrs; /* bad router advertisement */ - u_quad_t icp6s_badra; /* bad router advertisement */ - u_quad_t icp6s_badredirect; /* bad redirect message */ - }; - - /* - * Names for ICMP sysctl objects - */ - #define ICMPV6CTL_STATS 1 - #define ICMPV6CTL_REDIRACCEPT 2 /* accept/process redirects */ - #define ICMPV6CTL_REDIRTIMEOUT 3 /* redirect cache time */ - #define ICMPV6CTL_ND6_PRUNE 6 - #define ICMPV6CTL_ND6_DELAY 8 - #define ICMPV6CTL_ND6_UMAXTRIES 9 - #define ICMPV6CTL_ND6_MMAXTRIES 10 - #define ICMPV6CTL_ND6_USELOOPBACK 11 - /*#define ICMPV6CTL_ND6_PROXYALL 12 obsoleted, do not reuse here */ - #define ICMPV6CTL_NODEINFO 13 - #define ICMPV6CTL_ERRPPSLIMIT 14 /* ICMPv6 error pps limitation */ - #define ICMPV6CTL_ND6_MAXNUDHINT 15 - #define ICMPV6CTL_MTUDISC_HIWAT 16 - #define ICMPV6CTL_MTUDISC_LOWAT 17 - #define ICMPV6CTL_ND6_DEBUG 18 - #define ICMPV6CTL_ND6_DRLIST 19 - #define ICMPV6CTL_ND6_PRLIST 20 - #define ICMPV6CTL_MAXID 21 - - #ifdef KERNEL_PRIVATE - #define ICMPV6CTL_NAMES { \ - { 0, 0 }, \ - { 0, 0 }, \ - { "rediraccept", CTLTYPE_INT }, \ - { "redirtimeout", CTLTYPE_INT }, \ - { 0, 0 }, \ - { 0, 0 }, \ - { "nd6_prune", CTLTYPE_INT }, \ - { 0, 0 }, \ - { "nd6_delay", CTLTYPE_INT }, \ - { "nd6_umaxtries", CTLTYPE_INT }, \ - { "nd6_mmaxtries", CTLTYPE_INT }, \ - { "nd6_useloopback", CTLTYPE_INT }, \ - { 0, 0 }, \ - { "nodeinfo", CTLTYPE_INT }, \ - { "errppslimit", CTLTYPE_INT }, \ - { "nd6_maxnudhint", CTLTYPE_INT }, \ - { "mtudisc_hiwat", CTLTYPE_INT }, \ - { "mtudisc_lowat", CTLTYPE_INT }, \ - { "nd6_debug", CTLTYPE_INT }, \ - { 0, 0 }, \ - { 0, 0 }, \ - } - - #define RTF_PROBEMTU RTF_PROTO1 - - # ifdef __STDC__ - struct rtentry; - struct rttimer; - struct in6_multi; - # endif - void icmp6_init(void); - void icmp6_paramerror(struct mbuf *, int); - void icmp6_error(struct mbuf *, int, int, int); - int icmp6_input(struct mbuf **, int *); - void icmp6_fasttimo(void); - void icmp6_reflect(struct mbuf *, size_t); - void icmp6_prepare(struct mbuf *); - void icmp6_redirect_input(struct mbuf *, int); - void icmp6_redirect_output(struct mbuf *, struct rtentry *); - - struct ip6ctlparam; - void icmp6_mtudisc_update(struct ip6ctlparam *, int); - - /* XXX: is this the right place for these macros? */ - #define icmp6_ifstat_inc(ifp, tag) \ - do { \ - if ((ifp) && (ifp)->if_index <= if_index \ - && (ifp)->if_index < icmp6_ifstatmax \ - && icmp6_ifstat && icmp6_ifstat[(ifp)->if_index]) { \ - icmp6_ifstat[(ifp)->if_index]->tag++; \ - } \ - } while (0) - - #define icmp6_ifoutstat_inc(ifp, type, code) \ - do { \ - icmp6_ifstat_inc(ifp, ifs6_out_msg); \ - if (type < ICMP6_INFOMSG_MASK) \ - icmp6_ifstat_inc(ifp, ifs6_out_error); \ - switch(type) { \ - case ICMP6_DST_UNREACH: \ - icmp6_ifstat_inc(ifp, ifs6_out_dstunreach); \ - if (code == ICMP6_DST_UNREACH_ADMIN) \ - icmp6_ifstat_inc(ifp, ifs6_out_adminprohib); \ - break; \ - case ICMP6_PACKET_TOO_BIG: \ - icmp6_ifstat_inc(ifp, ifs6_out_pkttoobig); \ - break; \ - case ICMP6_TIME_EXCEEDED: \ - icmp6_ifstat_inc(ifp, ifs6_out_timeexceed); \ - break; \ - case ICMP6_PARAM_PROB: \ - icmp6_ifstat_inc(ifp, ifs6_out_paramprob); \ - break; \ - case ICMP6_ECHO_REQUEST: \ - icmp6_ifstat_inc(ifp, ifs6_out_echo); \ - break; \ - case ICMP6_ECHO_REPLY: \ - icmp6_ifstat_inc(ifp, ifs6_out_echoreply); \ - break; \ - case MLD6_LISTENER_QUERY: \ - icmp6_ifstat_inc(ifp, ifs6_out_mldquery); \ - break; \ - case MLD6_LISTENER_REPORT: \ - icmp6_ifstat_inc(ifp, ifs6_out_mldreport); \ - break; \ - case MLD6_LISTENER_DONE: \ - icmp6_ifstat_inc(ifp, ifs6_out_mlddone); \ - break; \ - case ND_ROUTER_SOLICIT: \ - icmp6_ifstat_inc(ifp, ifs6_out_routersolicit); \ - break; \ - case ND_ROUTER_ADVERT: \ - icmp6_ifstat_inc(ifp, ifs6_out_routeradvert); \ - break; \ - case ND_NEIGHBOR_SOLICIT: \ - icmp6_ifstat_inc(ifp, ifs6_out_neighborsolicit); \ - break; \ - case ND_NEIGHBOR_ADVERT: \ - icmp6_ifstat_inc(ifp, ifs6_out_neighboradvert); \ - break; \ - case ND_REDIRECT: \ - icmp6_ifstat_inc(ifp, ifs6_out_redirect); \ - break; \ - } \ - } while (0) - - extern int icmp6_rediraccept; /* accept/process redirects */ - extern int icmp6_redirtimeout; /* cache time for redirect routes */ - #endif KERNEL_PRIVATE - - #endif /* !_NETINET_ICMP6_H_ */ --- 0 ---- Index: xnu/bsd/netinet/in.h diff -c xnu/bsd/netinet/in.h:1.1.1.7 xnu/bsd/netinet/in.h:1.1.1.7.2.1 *** xnu/bsd/netinet/in.h:1.1.1.7 Sun Apr 29 06:40:46 2007 --- xnu/bsd/netinet/in.h Sun Apr 29 06:59:46 2007 *************** *** 210,215 **** --- 210,216 ---- /* 101-254: Partly Unassigned */ #define IPPROTO_PIM 103 /* Protocol Independent Mcast */ #define IPPROTO_PGM 113 /* PGM */ + #define IPPROTO_MH 135 /* IPv6 Mobility Header */ /* 255: Reserved */ /* BSD Private, local use, namespace incursion */ #define IPPROTO_DIVERT 254 /* divert pseudo-protocol */ Index: xnu/bsd/netinet/ip6.h diff -c xnu/bsd/netinet/ip6.h:1.1.1.5 xnu/bsd/netinet/ip6.h:1.1.1.5.2.1 *** xnu/bsd/netinet/ip6.h:1.1.1.5 Sun Apr 29 06:40:47 2007 --- xnu/bsd/netinet/ip6.h Sun Apr 29 06:59:46 2007 *************** *** 194,199 **** --- 194,257 ---- #define IP6OPT_JUMBO_LEN 6 + /* IPv6 options: common part */ + struct ip6_opt { + u_int8_t ip6o_type; + u_int8_t ip6o_len; + } __attribute__((__packed__)); + + /* Jumbo Payload Option */ + struct ip6_opt_jumbo { + u_int8_t ip6oj_type; + u_int8_t ip6oj_len; + u_int8_t ip6oj_jumbo_len[4]; + } __attribute__((__packed__)); + #define IP6OPT_JUMBO_LEN 6 + + /* NSAP Address Option */ + struct ip6_opt_nsap { + u_int8_t ip6on_type; + u_int8_t ip6on_len; + u_int8_t ip6on_src_nsap_len; + u_int8_t ip6on_dst_nsap_len; + /* followed by source NSAP */ + /* followed by destination NSAP */ + } __attribute__((__packed__)); + + /* Tunnel Limit Option */ + struct ip6_opt_tunnel { + u_int8_t ip6ot_type; + u_int8_t ip6ot_len; + u_int8_t ip6ot_encap_limit; + } __attribute__((__packed__)); + + /* Router Alert Option */ + struct ip6_opt_router { + u_int8_t ip6or_type; + u_int8_t ip6or_len; + u_int8_t ip6or_value[2]; + } __attribute__((__packed__)); + /* Router alert values (in network byte order) */ + #if BYTE_ORDER == BIG_ENDIAN + #define IP6_ALERT_MLD 0x0000 + #define IP6_ALERT_RSVP 0x0001 + #define IP6_ALERT_AN 0x0002 + #else + #if BYTE_ORDER == LITTLE_ENDIAN + #define IP6_ALERT_MLD 0x0000 + #define IP6_ALERT_RSVP 0x0100 + #define IP6_ALERT_AN 0x0200 + #endif /* LITTLE_ENDIAN */ + #endif + + /* Home Address Option */ + struct ip6_opt_home_address { + u_int8_t ip6oh_type; + u_int8_t ip6oh_len; + u_int8_t ip6oh_addr[16];/* Home Address */ + /* followed by sub-options */ + } __attribute__((__packed__)); + /* Routing header */ struct ip6_rthdr { u_int8_t ip6r_nxt; /* next header */ *************** *** 214,219 **** --- 272,287 ---- struct in6_addr ip6r0_addr[1]; /* up to 23 addresses */ } __attribute__((__packed__)); + /* Type 2 Routing header for Mobile IPv6 */ + struct ip6_rthdr2 { + u_int8_t ip6r2_nxt; /* next header */ + u_int8_t ip6r2_len; /* always 2 */ + u_int8_t ip6r2_type; /* always 2 */ + u_int8_t ip6r2_segleft; /* 0 or 1 */ + u_int32_t ip6r2_reserved; /* reserved field */ + /* followed by one struct in6_addr */ + } __attribute__((__packed__)); + /* Fragment header */ struct ip6_frag { u_int8_t ip6f_nxt; /* next header */ Index: xnu/bsd/netinet6/.prepare diff -c /dev/null xnu/bsd/netinet6/.prepare:1.1.20.1 *** /dev/null Mon Apr 30 16:58:30 2007 --- xnu/bsd/netinet6/.prepare Sun Apr 29 06:59:46 2007 *************** *** 0 **** --- 1,78 ---- + exclude ah.h + exclude ah_aesxcbcmac.c + exclude ah_aesxcbcmac.h + exclude ah_core.c + exclude ah_input.c + exclude ah_output.c + exclude dccp6_usrreq.c + exclude dccp6_var.h + exclude esp.h + exclude esp_aesctr.c + exclude esp_aesctr.h + exclude esp_core.c + exclude esp_input.c + exclude esp_output.c + exclude esp_rijndael.c + exclude esp_rijndael.h + exclude esp_twofish.c + exclude esp_twofish.h + exclude frag6.c + exclude icmp6.c + exclude in6.c + exclude in6.h + exclude in6_cksum.c + exclude in6_gif.c + exclude in6_gif.h + exclude in6_ifattach.c + exclude in6_ifattach.h + exclude in6_msf.c + exclude in6_msf.h + exclude in6_proto.c + exclude in6_rmx.c + exclude in6_src.c + exclude in6_var.h + exclude ip6_forward.c + exclude ip6_fw.c + exclude ip6_fw.h + exclude ip6_id.c + exclude ip6_input.c + exclude ip6_mroute.c + exclude ip6_mroute.h + exclude ip6_output.c + exclude ip6_var.h + exclude ip6protosw.h + exclude ipcomp.h + exclude ipcomp_core.c + exclude ipcomp_input.c + exclude ipcomp_output.c + exclude ipsec.c + exclude ipsec.h + exclude mld6.c + exclude mld6_var.h + exclude mldv2.c + exclude natpt_defs.h + exclude natpt_dispatch.c + exclude natpt_log.c + exclude natpt_log.h + exclude natpt_rule.c + exclude natpt_soctl.h + exclude natpt_trans.c + exclude natpt_tslot.c + exclude natpt_usrreq.c + exclude natpt_var.h + exclude nd6.c + exclude nd6.h + exclude nd6_ind.c + exclude nd6_nbr.c + exclude nd6_rtr.c + exclude pim6.h + exclude pim6_var.h + exclude raw_ip6.c + exclude raw_ip6.h + exclude route6.c + exclude scope6.c + exclude scope6_var.h + exclude sctp6_usrreq.c + exclude sctp6_var.h + exclude udp6.h + exclude udp6_output.c Index: xnu/bsd/netinet6/dest6.c diff -c xnu/bsd/netinet6/dest6.c:1.1.1.1 xnu/bsd/netinet6/dest6.c:removed *** xnu/bsd/netinet6/dest6.c:1.1.1.1 Sun Sep 18 03:53:04 2005 --- xnu/bsd/netinet6/dest6.c Mon Apr 30 16:58:30 2007 *************** *** 1,124 **** - /* $FreeBSD: src/sys/netinet6/dest6.c,v 1.1.2.3 2001/07/03 11:01:49 ume Exp $ */ - /* $KAME: dest6.c,v 1.27 2001/03/29 05:34:30 itojun Exp $ */ - - /* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - - #include - #include - - #include - #include - #include - #include - #include - - /* - * Destination options header processing. - */ - int - dest6_input(mp, offp) - struct mbuf **mp; - int *offp; - { - struct mbuf *m = *mp; - int off = *offp, dstoptlen, optlen; - struct ip6_dest *dstopts; - u_int8_t *opt; - struct ip6_hdr *ip6; - - ip6 = mtod(m, struct ip6_hdr *); - - /* validation of the length of the header */ - #ifndef PULLDOWN_TEST - IP6_EXTHDR_CHECK(m, off, sizeof(*dstopts), return IPPROTO_DONE); - dstopts = (struct ip6_dest *)(mtod(m, caddr_t) + off); - #else - IP6_EXTHDR_GET(dstopts, struct ip6_dest *, m, off, sizeof(*dstopts)); - if (dstopts == NULL) - return IPPROTO_DONE; - #endif - dstoptlen = (dstopts->ip6d_len + 1) << 3; - - #ifndef PULLDOWN_TEST - IP6_EXTHDR_CHECK(m, off, dstoptlen, return IPPROTO_DONE); - dstopts = (struct ip6_dest *)(mtod(m, caddr_t) + off); - #else - IP6_EXTHDR_GET(dstopts, struct ip6_dest *, m, off, dstoptlen); - if (dstopts == NULL) - return IPPROTO_DONE; - #endif - off += dstoptlen; - dstoptlen -= sizeof(struct ip6_dest); - opt = (u_int8_t *)dstopts + sizeof(struct ip6_dest); - - /* search header for all options. */ - for (optlen = 0; dstoptlen > 0; dstoptlen -= optlen, opt += optlen) { - if (*opt != IP6OPT_PAD1 && - (dstoptlen < IP6OPT_MINLEN || *(opt + 1) + 2 > dstoptlen)) { - ip6stat.ip6s_toosmall++; - goto bad; - } - - switch (*opt) { - case IP6OPT_PAD1: - optlen = 1; - break; - case IP6OPT_PADN: - optlen = *(opt + 1) + 2; - break; - - default: /* unknown option */ - optlen = ip6_unknown_opt(opt, m, - opt - mtod(m, u_int8_t *), 0); - if (optlen == -1) - return (IPPROTO_DONE); - optlen += 2; - break; - } - } - - *offp = off; - return (dstopts->ip6d_nxt); - - bad: - m_freem(m); - return (IPPROTO_DONE); - } --- 0 ---- Index: xnu/bsd/netinet6/icmp6.c diff -c xnu/bsd/netinet6/icmp6.c:1.1.1.1 xnu/bsd/netinet6/icmp6.c:1.1.1.1.20.1 *** xnu/bsd/netinet6/icmp6.c:1.1.1.1 Sun Sep 18 03:53:04 2005 --- xnu/bsd/netinet6/icmp6.c Sun Apr 29 06:59:46 2007 *************** *** 2158,2167 **** #endif /*IPSEC*/ #ifdef COMPAT_RFC1885 ! ip6_output(m, NULL, &icmp6_reflect_rt, 0, NULL, &outif, 0); #else ! ip6_output(m, NULL, NULL, 0, NULL, &outif, 0); #endif if (outif) icmp6_ifoutstat_inc(outif, type, code); --- 2158,2169 ---- #endif /*IPSEC*/ #ifdef COMPAT_RFC1885 ! if ((ip6_output(m, NULL, &icmp6_reflect_rt, 0, NULL, &outif, 0) != 0) && outif) #else ! if ((ip6_output(m, NULL, NULL, 0, NULL, &outif, 0) != 0) && outif) #endif + icmp6_ifstat_inc(outif, ifs6_out_error); + if (outif) icmp6_ifoutstat_inc(outif, type, code); *************** *** 2666,2672 **** if (ipsec_bypass == 0) (void)ipsec_setsocket(m, NULL); #endif /*IPSEC*/ ! ip6_output(m, NULL, NULL, 0, NULL, &outif, 0); if (outif) { icmp6_ifstat_inc(outif, ifs6_out_msg); icmp6_ifstat_inc(outif, ifs6_out_redirect); --- 2668,2675 ---- if (ipsec_bypass == 0) (void)ipsec_setsocket(m, NULL); #endif /*IPSEC*/ ! if ((ip6_output(m, NULL, NULL, 0, NULL, &outif, 0) != 0) && outif) ! icmp6_ifstat_inc(outif, ifs6_out_error); if (outif) { icmp6_ifstat_inc(outif, ifs6_out_msg); icmp6_ifstat_inc(outif, ifs6_out_redirect); Index: xnu/bsd/netinet6/in6.c diff -c xnu/bsd/netinet6/in6.c:1.1.1.1 xnu/bsd/netinet6/in6.c:1.1.1.1.20.1 *** xnu/bsd/netinet6/in6.c:1.1.1.1 Sun Sep 18 03:53:04 2005 --- xnu/bsd/netinet6/in6.c Sun Apr 29 06:59:46 2007 *************** *** 130,135 **** --- 130,138 ---- const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0}; + #ifdef MIP6 + struct mip6_bul_list mbul_list; + #endif /* MIP6 */ static int in6_lifaddr_ioctl(struct socket *, u_long, caddr_t, struct ifnet *, struct proc *); *************** *** 786,791 **** --- 789,802 ---- */ if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) goto ioctl_cleanup; + if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) + == NULL) { + /* + * this can happen when the user specify the 0 valid + * lifetime. + */ + break; + } /* * then, make the prefix on-link on the interface. *************** *** 802,809 **** pr0.ndpr_ifp = ifp; pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, NULL); ! if (pr0.ndpr_plen == 128) break; /* we don't need to install a host route. */ pr0.ndpr_prefix = ifra->ifra_addr; pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; /* apply the mask for safety. */ --- 813,825 ---- pr0.ndpr_ifp = ifp; pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, NULL); ! if (pr0.ndpr_plen == 128) { break; /* we don't need to install a host route. */ + #if defined(MIP6) && NMIP > 0 + } else if ((ia->ia6_flags & IN6_IFF_HOME) && (ifp->if_type == IFT_MIP)) { + break; /* we don't need to install a interface route. for home address */ + #endif + } pr0.ndpr_prefix = ifra->ifra_addr; pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; /* apply the mask for safety. */ *************** *** 1096,1101 **** --- 1112,1120 ---- if (ia == NULL) return ENOBUFS; bzero((caddr_t)ia, sizeof(*ia)); + #if defined(MIP6) && NMIP > 0 + LIST_INIT(MBUL_LIST(ia)); + #endif /* MIP6 && NMIP > 0 */ /* Initialize the address and masks */ ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; ia->ia_addr.sin6_family = AF_INET6; *************** *** 1417,1422 **** --- 1436,1450 ---- in6_delmulti(in6m, nd6_locked); } + #if defined(MIP6) && NMIP > 0 + { + struct mip6_bul_internal *mbul; + while ((mbul = LIST_FIRST(MBUL_LIST(ia))) != NULL) { + mip6_bul_remove(mbul); + } + } + #endif /* MIP6 && NMIP > 0 */ + in6_unlink_ifa(ia, ifp, nd6_locked); in6_post_msg(ifp, KEV_INET6_ADDR_DELETED, ia); } Index: xnu/bsd/netinet6/in6.h diff -c xnu/bsd/netinet6/in6.h:1.1.1.5 xnu/bsd/netinet6/in6.h:1.1.1.5.2.1 *** xnu/bsd/netinet6/in6.h:1.1.1.5 Sun Apr 29 06:40:56 2007 --- xnu/bsd/netinet6/in6.h Sun Apr 29 06:59:46 2007 *************** *** 86,92 **** * has the table of implementation/integration differences. */ #define __KAME__ ! #define __KAME_VERSION "20010528/apple-darwin" #ifndef _POSIX_C_SOURCE /* --- 86,92 ---- * has the table of implementation/integration differences. */ #define __KAME__ ! #define __KAME_VERSION "Darwin-shisa on 20010528/apple-darwin" #ifndef _POSIX_C_SOURCE /* *************** *** 304,315 **** --- 304,317 ---- #ifdef KERNEL /*XXX nonstandard*/ #define IPV6_ADDR_SCOPE_NODELOCAL 0x01 + #define IPV6_ADDR_SCOPE_INTFACELOCAL 0x01 #define IPV6_ADDR_SCOPE_LINKLOCAL 0x02 #define IPV6_ADDR_SCOPE_SITELOCAL 0x05 #define IPV6_ADDR_SCOPE_ORGLOCAL 0x08 /* just used in this file */ #define IPV6_ADDR_SCOPE_GLOBAL 0x0e #else #define __IPV6_ADDR_SCOPE_NODELOCAL 0x01 + #define __IPV6_ADDR_SCOPE_INTFACELOCAL 0x01 #define __IPV6_ADDR_SCOPE_LINKLOCAL 0x02 #define __IPV6_ADDR_SCOPE_SITELOCAL 0x05 #define __IPV6_ADDR_SCOPE_ORGLOCAL 0x08 /* just used in this file */ *************** *** 457,467 **** --- 459,530 ---- #define IPV6_FW_GET 34 /* get entire firewall rule chain */ #endif 1 + #if 0 + /* new socket options introduced in RFC3542 */ + #define IPV6_RTHDRDSTOPTS 35 /* ip6_dest; send dst option before rthdr */ + + #define IPV6_RECVPKTINFO 36 /* bool; recv if, dst addr */ + #define IPV6_RECVHOPLIMIT 37 /* bool; recv hop limit */ + #define IPV6_RECVRTHDR 38 /* bool; recv routing header */ + #define IPV6_RECVHOPOPTS 39 /* bool; recv hop-by-hop option */ + #define IPV6_RECVDSTOPTS 40 /* bool; recv dst option after rthdr */ + #ifdef _KERNEL + #define IPV6_RECVRTHDRDSTOPTS 41 /* bool; recv dst option before rthdr */ + #endif + #endif + + #define IPV6_USE_MIN_MTU 42 /* bool; send packets at the minimum MTU */ + #define IPV6_RECVPATHMTU 43 /* bool; notify an according MTU */ + + #define IPV6_PATHMTU 44 /* mtuinfo; get the current path MTU (sopt), + 4 bytes int; MTU notification (cmsg) */ + #if 0 /*obsoleted during 2292bis -> 3542*/ + #define IPV6_REACHCONF 45 /* no data; ND reachability confirm + (cmsg only/not in of RFC3542) */ + #endif + + /* more new socket options introduced in RFC3542 */ + #define IPV6_3542PKTINFO 46 /* in6_pktinfo; send if, src addr */ + #define IPV6_3542HOPLIMIT 47 /* int; send hop limit */ + #define IPV6_3542NEXTHOP 48 /* sockaddr; next hop addr */ + #define IPV6_3542HOPOPTS 49 /* ip6_hbh; send hop-by-hop option */ + #define IPV6_3542DSTOPTS 50 /* ip6_dest; send dst option befor rthdr */ + #define IPV6_3542RTHDR 51 /* ip6_rthdr; send routing header */ + #if 0 + #define IPV6_PKTOPTIONS 52 /* buf/cmsghdr; set/get IPv6 options */ + /* obsoleted by RFC3542 */ + #endif + + #ifdef __OpenBSD__ + #define IPV6_AUTH_LEVEL 53 /* int; authentication used */ + #define IPV6_ESP_TRANS_LEVEL 54 /* int; transport encryption */ + #define IPV6_ESP_NETWORK_LEVEL 55 /* int; full-packet encryption */ + #define IPSEC6_OUTSA 56 /* set the outbound SA for a socket */ + #endif + + #define IPV6_RECVTCLASS 57 /* bool; recv traffic class values */ + #ifdef _KERNEL + #define IPV6_OTCLASS 58 /* u_int8_t; send traffic class value */ + #endif + #define IPV6_AUTOFLOWLABEL 59 /* bool; attach flowlabel automagically */ + + #ifdef __OpenBSD__ + #define IPV6_IPCOMP_LEVEL 60 /* int; compression */ + #endif + + #define IPV6_TCLASS 61 /* int; send traffic class value */ + #define IPV6_DONTFRAG 62 /* bool; disable IPv6 fragmentation */ + + #define IPV6_PREFER_TEMPADDR 63 /* int; prefer temporary addresses as + * the source address. + */ + /* to define items, should talk with KAME guys first, for *BSD compatibility */ #define IPV6_RTHDR_LOOSE 0 /* this hop need not be a neighbor. XXX old spec */ #define IPV6_RTHDR_STRICT 1 /* this hop must be a neighbor. XXX old spec */ #define IPV6_RTHDR_TYPE_0 0 /* IPv6 routing header type 0 */ + #define IPV6_RTHDR_TYPE_2 2 /* IPv6 routing header type 2 for Mobile IPv6 */ /* * Defaults and limits for options Index: xnu/bsd/netinet6/in6_proto.c diff -c xnu/bsd/netinet6/in6_proto.c:1.1.1.1 xnu/bsd/netinet6/in6_proto.c:1.1.1.1.20.2 *** xnu/bsd/netinet6/in6_proto.c:1.1.1.1 Sun Sep 18 03:53:04 2005 --- xnu/bsd/netinet6/in6_proto.c Sun Apr 29 09:59:53 2007 *************** *** 125,130 **** --- 125,134 ---- #endif #endif /*IPSEC*/ + #ifdef MIP6 + #include + #endif /* MIP6 */ + #include #include *************** *** 218,223 **** --- 222,237 ---- &nousrreqs, 0, 0, 0 }, + #ifdef MIP6 + { SOCK_RAW, &inet6domain, IPPROTO_MH,PR_ATOMIC|PR_ADDR|PR_LASTHDR, + mip6_input, 0, 0, rip6_ctloutput, + 0, + 0, 0, 0, 0, + 0, + &rip6_usrreqs, + 0, 0, 0 + }, + #endif /* MIP6 */ #if IPSEC { SOCK_RAW, &inet6domain, IPPROTO_AH, PR_ATOMIC|PR_ADDR|PR_PROTOLOCK, ah6_input, 0, 0, 0, *************** *** 288,293 **** --- 302,321 ---- int in6_proto_count = (sizeof (inet6sw) / sizeof (struct ip6protosw)); + /* To receive tunneled packet on mobile node or home agent */ + #if defined(MIP6) + struct ip6protosw mip6_tunnel_protosw = + { SOCK_RAW, &inet6domain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR, + mip6_tunnel_input, rip6_output, 0, rip6_ctloutput, + 0, + 0, 0, 0, 0, + 0, + &rip6_usrreqs, + 0, rip_unlock, 0 + }; + #endif /* MIP6 */ + + struct domain inet6domain = { AF_INET6, "internet6", in6_dinit, 0, 0, (struct protosw *)inet6sw, 0, *************** *** 359,364 **** --- 387,394 ---- u_int32_t ip6_id = 0UL; int ip6_keepfaith = 0; time_t ip6_log_time = (time_t)0L; + int ip6_rthdr0_allowed = 0; /* Disallow use of routing header 0 */ + /* by default. */ /* icmp6 */ /* *************** *** 404,409 **** --- 434,442 ---- #if IPSEC SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW, 0, "IPSEC6"); #endif /* IPSEC */ + #ifdef MIP6 + SYSCTL_NODE(_net_inet6, IPPROTO_MH, mip6, CTLFLAG_RW, 0, "MIP6"); + #endif /* MIP6 */ /* net.inet6.ip6 */ static int *************** *** 493,498 **** --- 526,534 ---- &rip6stat, rip6stat, ""); SYSCTL_STRUCT(_net_inet6_ip6, OID_AUTO, mrt6stat, CTLFLAG_RD, &mrt6stat, mrt6stat, ""); + SYSCTL_INT(_net_inet6_ip6, OID_AUTO, + rthdr0_allowed, CTLFLAG_RW, &ip6_rthdr0_allowed, 0, ""); + /* net.inet6.icmp6 */ Index: xnu/bsd/netinet6/in6_src.c diff -c xnu/bsd/netinet6/in6_src.c:1.1.1.1 xnu/bsd/netinet6/in6_src.c:1.1.1.1.20.1 *** xnu/bsd/netinet6/in6_src.c:1.1.1.1 Sun Sep 18 03:53:04 2005 --- xnu/bsd/netinet6/in6_src.c Sun Apr 29 06:59:46 2007 *************** *** 97,102 **** --- 97,111 ---- #include + #ifdef MIP6 + #include + #include + #include "mip.h" + #if NMIP > 0 + #include + #endif /* NMIP */ + #endif /* MIP6 */ + #include "loop.h" extern lck_mtx_t *rt_mtx; *************** *** 119,127 **** --- 128,143 ---- struct in6_addr *dst; struct in6_ifaddr *ia6 = 0; struct in6_pktinfo *pi = NULL; + #if defined(MIP6) && NMIP > 0 + u_int8_t ip6po_usecoa = 0; + struct in6_ifaddr *mip6_ia = 0; + #endif /* MIP6 && NMIP > 0 */ + static struct in6_addr storage; dst = &dstsock->sin6_addr; *errorp = 0; + if (src_storage == NULL) + src_storage = &storage; /* * If the source address is explicitly specified by the caller, *************** *** 138,143 **** --- 154,170 ---- if (laddr && !IN6_IS_ADDR_UNSPECIFIED(laddr)) return(laddr); + #if defined(MIP6) && NMIP > 0 + /* + * a caller can specify IP6PO_USECOA to not to use a home + * address. for example, the case that the neighbour + * unreachability detection to the global address. + */ + if (opts != NULL && + (opts->ip6po_flags & IP6PO_USECOA) != 0) { + ip6po_usecoa = 1; + } + #endif /* MIP6 && NMIP > 0 */ /* * If the caller doesn't specify the source address but * the outgoing interface, use an address associated with *************** *** 212,217 **** --- 239,265 ---- } } + #if defined(MIP6) && NMIP > 0 + if (MIP6_IS_MN && !ip6po_usecoa) { + struct ifnet *ifp; + struct ifaddr *ifa; + + TAILQ_FOREACH(ifp, &ifnet_head, if_list) { + TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { + if (ifa->ifa_addr->sa_family != AF_INET6) + continue; + ia6 = (struct in6_ifaddr *)ifa; + if ((ia6->ia6_flags & IN6_IFF_HOME) && + mip6_ifa6_is_addr_valid_hoa(ia6)) { + mip6_ia = ia6; + goto done; + } + } + } + done:; + } + #endif /* MIP6 && NMIP > 0 */ + /* * If the next hop address for the packet is specified * by caller, use an address associated with the route *************** *** 314,321 **** *errorp = EHOSTUNREACH; /* no route */ return(0); } *src_storage = satosin6(&ia6->ia_addr)->sin6_addr; ! ifafree(&ia6->ia_ifa); return src_storage; } --- 362,378 ---- *errorp = EHOSTUNREACH; /* no route */ return(0); } + #if defined(MIP6) && NMIP > 0 + if (mip6_ia && + (in6_addrscope(&satosin6(&ia6->ia_addr)->sin6_addr) == + in6_addrscope(&satosin6(&mip6_ia->ia_addr)->sin6_addr))) + ia6 = mip6_ia; + #endif /* MIP6 && NMIP > 0 */ *src_storage = satosin6(&ia6->ia_addr)->sin6_addr; ! #if defined(MIP6) && NMIP > 0 ! if (mip6_ia != ia6) ! #endif /* MIP6 && NMIP > 0 */ ! ifafree(&ia6->ia_ifa); return src_storage; } Index: xnu/bsd/netinet6/in6_var.h diff -c xnu/bsd/netinet6/in6_var.h:1.1.1.5 xnu/bsd/netinet6/in6_var.h:1.1.1.5.2.1 *** xnu/bsd/netinet6/in6_var.h:1.1.1.5 Sun Apr 29 06:40:57 2007 --- xnu/bsd/netinet6/in6_var.h Sun Apr 29 06:59:46 2007 *************** *** 96,101 **** --- 96,110 ---- }; #ifdef PRIVATE + LIST_HEAD(mip6_bul_list, mip6_bul_internal); /* XXX */ + + /* + * If changing size of the struct in6_ifaddr is not allowed for binary compatibilty or somthing such as darwin, undef 'IFA_MBUL_LIST' + * the binding update list entry is held as a global vaue. + */ + /*#define IFA_MBUL_LIST*/ + #undef IFA_MBUL_LIST + struct in6_ifaddr { struct ifaddr ia_ifa; /* protocol-independent info */ #define ia_ifp ia_ifa.ifa_ifp *************** *** 114,121 **** --- 123,141 ---- struct nd_prefix *ia6_ndpr; /* back pointer to the ND prefix * (for autoconfigured addresses only) */ + /* binding update entreis for this address */ + #ifdef IFA_MBUL_LIST + struct mip6_bul_list ia6_mbul_list; + #endif }; + #ifdef IFA_MBUL_LIST + #define MBUL_LIST(ia6) (&ia6->ia6_mbul_list) + #else + extern struct mip6_bul_list mbul_list; + #define MBUL_LIST(ia6) (&mbul_list) + #endif + #endif /* PRIVATE */ /* * IPv6 interface statistics, as defined in RFC2465 Ipv6IfStatsEntry (p12). *************** *** 418,423 **** --- 438,446 ---- #define SIOCSIFPHYADDR_IN6 _IOW('i', 62, struct in6_aliasreq) #define SIOCGIFPSRCADDR_IN6 _IOWR('i', 63, struct in6_ifreq) #define SIOCGIFPDSTADDR_IN6 _IOWR('i', 64, struct in6_ifreq) + #define SIOCSIFPHYNEXTHOP_IN6 _IOW('i', 140, struct in6_ifreq) /* set gif addres */ + #define SIOCGIFPHYNEXTHOP_IN6 _IOWR('i', 141, struct in6_ifreq) /* get gif nexthop addres */ + #define SIOCGIFAFLAG_IN6 _IOWR('i', 73, struct in6_ifreq) #define SIOCGDRLST_IN6 _IOWR('i', 74, struct in6_drlist) #define SIOCGPRLST_IN6 _IOWR('i', 75, struct in6_prlist) *************** *** 477,482 **** --- 500,508 ---- */ #define IN6_IFF_AUTOCONF 0x40 /* autoconfigurable address. */ #define IN6_IFF_TEMPORARY 0x80 /* temporary (anonymous) address. */ + #define IN6_IFF_HOME 0x100 /* MIP6:home address */ + #define IN6_IFF_DEREGISTERING 0x200 /* MIP6:deregistering address */ + #define IN6_IFF_PSEUDOIFA 0x400 /* MIP6: mark as pseudo ifa for DAD */ #define IN6_IFF_NOPFX 0x8000 /* skip kernel prefix management. * XXX: this should be temporary. */ *************** *** 484,489 **** --- 510,525 ---- /* do not input/output */ #define IN6_IFF_NOTREADY (IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED) + /* flags which cannot be changed by hand */ + #ifndef MIP6 + #define IN6_IFF_READONLY (IN6_IFF_DUPLICATED|IN6_IFF_DETACHED|\ + IN6_IFF_NODAD|IN6_IFF_TEMPORARY) + #else + /* Mobile IPv6 userland program requires to assign an address with NODAD. */ + #define IN6_IFF_READONLY (IN6_IFF_DUPLICATED|IN6_IFF_DETACHED|\ + IN6_IFF_TEMPORARY) + #endif /* !MIP6 */ + #ifdef KERNEL #define IN6_ARE_SCOPE_CMP(a,b) ((a)-(b)) #define IN6_ARE_SCOPE_EQUAL(a,b) ((a)==(b)) *************** *** 499,505 **** extern size_t icmp6_ifstatmax; #define in6_ifstat_inc(ifp, tag) \ do { \ ! int _z_index = ifp ? ifp->if_index : 0; \ if ((_z_index) && _z_index <= if_index \ && _z_index < in6_ifstatmax \ && in6_ifstat && in6_ifstat[_z_index]) { \ --- 535,541 ---- extern size_t icmp6_ifstatmax; #define in6_ifstat_inc(ifp, tag) \ do { \ ! u_short _z_index = ifp ? ifp->if_index : 0; \ if ((_z_index) && _z_index <= if_index \ && _z_index < in6_ifstatmax \ && in6_ifstat && in6_ifstat[_z_index]) { \ *************** *** 648,653 **** --- 684,690 ---- int in6_recoverscope __P((struct sockaddr_in6 *, const struct in6_addr *, struct ifnet *)); void in6_clearscope __P((struct in6_addr *)); + int in6_setscope __P((struct in6_addr *, struct ifnet *, u_int32_t *)); #endif KERNEL_PRIVATE #endif _NETINET6_IN6_VAR_H_ Index: xnu/bsd/netinet6/ip6_forward.c diff -c xnu/bsd/netinet6/ip6_forward.c:1.1.1.2 xnu/bsd/netinet6/ip6_forward.c:1.1.1.2.10.1 *** xnu/bsd/netinet6/ip6_forward.c:1.1.1.2 Tue Aug 15 21:58:39 2006 --- xnu/bsd/netinet6/ip6_forward.c Sun Apr 29 06:59:46 2007 *************** *** 56,61 **** --- 56,66 ---- #include #include #include + #ifdef MIP6 + #include + #include + #include + #endif #include *************** *** 104,115 **** --- 109,142 ---- #if IPSEC struct secpolicy *sp = NULL; #endif + #ifdef MIP6 + struct mip6_bc_internal *bce; + #endif struct timeval timenow; getmicrotime(&timenow); #if IPSEC + #if defined(MIP6) && NMIP > 0 + { + /* + * XXX skip IPsec policy integrity check if the next + * hop is me. This is dirty but we need this trick + * when we use an IPsec tunnel mode policy for + * protocol 'any' between a home agent and a mobile + * node. + */ + struct in6_ifaddr *ia; + + for (ia = in6_ifaddrs; ia; ia = ia->ia_next) { + if ((ia->ia6_flags & IN6_IFF_NOTREADY) == 0 && + IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, + &ip6->ip6_dst)) + goto skip_ipsec6_in_reject; + } + } + #endif /* MIP6 && NMIP > 0 */ /* * Check AH/ESP integrity. */ *************** *** 127,132 **** --- 154,162 ---- } lck_mtx_unlock(sadb_mutex); } + #if defined(MIP6) && NMIP > 0 + skip_ipsec6_in_reject: + #endif /* MIP6 && NMIP > 0 */ #endif /*IPSEC*/ /* *************** *** 318,323 **** --- 348,407 ---- skip_ipsec: #endif /* IPSEC */ + #ifdef MIP6 + /* This codes are only for Home Agent */ + if (!MIP6_IS_HA) + goto bc_check_done; + /* + * intercept and tunnel packets for home addresses + * which we are acting as a home agent for. + */ + + /* XXX need some policy to determine bid for MCOA */ + if ((bce = mip6_bce_get(&ip6->ip6_dst, NULL, NULL, 0)) && + (bce->mbc_flags & IP6_MH_BU_HOME)) { + if (IN6_IS_ADDR_LINKLOCAL(&bce->mbc_hoa) + || IN6_IS_ADDR_SITELOCAL(&bce->mbc_hoa)) { + ip6stat.ip6s_cantforward++; + if (mcopy) { + icmp6_error(mcopy, ICMP6_DST_UNREACH, + ICMP6_DST_UNREACH_ADDR, 0); + } + m_freem(m); + return; + } + + if (m->m_pkthdr.len > IPV6_MMTU) { + u_long mtu = IPV6_MMTU; + /* XXX in6_ifstat_inc(rt->rt_ifp, ifs6_in_toobig); */ + if (mcopy) { + icmp6_error(mcopy, + ICMP6_PACKET_TOO_BIG, 0, mtu); + } + m_freem(m); + return; + } + + /* + * if we have a binding cache entry for the + * ip6_dst, we are acting as a home agent for + * that node. before sending a packet as a + * tunneled packet, we must make sure that + * encaptab is ready. if dad is enabled and + * not completed yet, encaptab will be NULL. + */ + if (mip6_encapsulate(&m, IFA_IN6(bce->mbc_ifaddr), + &bce->mbc_coa) != 0) { + ip6stat.ip6s_cantforward++; + } + if (mcopy) + m_freem(mcopy); + return; + bc_check_done: + ; + } + #endif /* MIP6 */ + dst = (struct sockaddr_in6 *)&ip6_forward_rt.ro_dst; if (!srcrt) { /* *************** *** 473,478 **** --- 557,568 ---- if (rt->rt_ifp == m->m_pkthdr.rcvif && !srcrt && (rt->rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) == 0) { if ((rt->rt_ifp->if_flags & IFF_POINTOPOINT) != 0) { + #ifdef MIP6 + if (MIP6_IS_HA) { + /* Should it be take care on home agent case ? */ + ; + } + #endif /* defined(MIP6) */ /* * If the incoming interface is equal to the outgoing * one, and the link attached to the interface is *************** *** 492,497 **** --- 582,593 ---- m_freem(m); return; } + #ifdef MIP6 + /* In case of HA, redirect must not be sent. + XXX It should be considerred, more + (lookup BCE or check state or something...) */ + if (!MIP6_IS_HA) + #endif /* defined(MIP6) */ type = ND_REDIRECT; } Index: xnu/bsd/netinet6/ip6_input.c diff -c xnu/bsd/netinet6/ip6_input.c:1.1.1.5 xnu/bsd/netinet6/ip6_input.c:1.1.1.5.2.1 *** xnu/bsd/netinet6/ip6_input.c:1.1.1.5 Sun Apr 29 06:40:58 2007 --- xnu/bsd/netinet6/ip6_input.c Sun Apr 29 06:59:46 2007 *************** *** 65,71 **** * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 */ - #include #include #include --- 65,70 ---- *************** *** 96,101 **** --- 95,103 ---- #include #include #include + #ifdef MIP6 + #include + #endif /* MIP6 */ #include #include #include *************** *** 160,166 **** extern int loopattach_done; static void ip6_init2(void *); ! static struct mbuf *ip6_setdstifaddr(struct mbuf *, struct in6_ifaddr *); static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); #if PULLDOWN_TEST --- 162,168 ---- extern int loopattach_done; static void ip6_init2(void *); ! static struct m_tag *ip6_setdstifaddr(struct mbuf *, struct in6_ifaddr *); static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); #if PULLDOWN_TEST *************** *** 282,287 **** --- 284,292 ---- (ip6_temp_preferred_lifetime - ip6_desync_factor - ip6_temp_regen_advance) * hz); + #if NMIP + mipattach(); + #endif #if NGIF gifattach(); #endif *************** *** 664,673 **** IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &rt6_key(ip6_forward_rt.ro_rt)->sin6_addr) #endif ! ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_LOOP) { struct in6_ifaddr *ia6 = (struct in6_ifaddr *)ip6_forward_rt.ro_rt->rt_ifa; /* * record address information into m_aux. */ --- 669,711 ---- IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &rt6_key(ip6_forward_rt.ro_rt)->sin6_addr) #endif ! #ifdef MIP6 ! ((ip6_forward_rt.ro_rt->rt_flags & RTF_ANNOUNCE) || ! ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_LOOP) ! #else ! ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_LOOP ! #endif /* MIP6 */ ! ) { struct in6_ifaddr *ia6 = (struct in6_ifaddr *)ip6_forward_rt.ro_rt->rt_ifa; + #ifdef MIP6 + /* check unicast NS */ + if ((ip6_forward_rt.ro_rt->rt_flags & RTF_ANNOUNCE) != 0) { + /* This route shows proxy nd. thus the packet was + * captured. this packet should be tunneled to + * actual coa with tunneling unless this is NS. + */ + int nxt, loff; + struct icmp6_hdr *icp; + loff = ip6_lasthdr(m, 0, IPPROTO_IPV6, &nxt); + if (loff < 0 || nxt != IPPROTO_ICMPV6) + goto mip6_forwarding; + #ifndef PULLDOWN_TEST + IP6_EXTHDR_CHECK(m, 0, loff + sizeof(struct icmp6_hdr),); + icp = (struct icmp6_hdr *)(mtod(m, caddr_t) + loff); + #else + IP6_EXTHDR_GET(icp, struct icmp6_hdr *, m, loff, + sizeof(*icp)); + if (icp == NULL) { + icmp6stat.icp6s_tooshort++; + return; + } + #endif + if (icp->icmp6_type != ND_NEIGHBOR_SOLICIT) + goto mip6_forwarding; + } + #endif /* MIP6 */ /* * record address information into m_aux. */ *************** *** 699,704 **** --- 737,745 ---- } } /* XXX indentation (see above) */ + #ifdef MIP6 + mip6_forwarding: + #endif /* MIP6 */ /* * FAITH(Firewall Aided Internet Translator) */ *************** *** 963,968 **** --- 1004,1013 ---- } ipf_unref(); } + #ifdef MIP6 + if (dest6_mip6_hao(m, off, nxt) < 0) + goto badunlocked; + #endif /* MIP6 */ if (!(ip6_protox[nxt]->pr_flags & PR_PROTOLOCK)) { lck_mtx_lock(inet6_domain_mutex); nxt = (*ip6_protox[nxt]->pr_input)(&m, &off); *************** *** 983,1010 **** * set/grab in6_ifaddr correspond to IPv6 destination address. * XXX backward compatibility wrapper */ ! static struct mbuf * ip6_setdstifaddr(m, ia6) struct mbuf *m; struct in6_ifaddr *ia6; { ! struct mbuf *n; ! n = ip6_addaux(m); ! if (n) ! mtod(n, struct ip6aux *)->ip6a_dstia6 = ia6; ! return n; /* NULL if failed to set */ } struct in6_ifaddr * ip6_getdstifaddr(m) struct mbuf *m; { ! struct mbuf *n; ! n = ip6_findaux(m); ! if (n) ! return mtod(n, struct ip6aux *)->ip6a_dstia6; else return NULL; } --- 1028,1055 ---- * set/grab in6_ifaddr correspond to IPv6 destination address. * XXX backward compatibility wrapper */ ! static struct m_tag * ip6_setdstifaddr(m, ia6) struct mbuf *m; struct in6_ifaddr *ia6; { ! struct m_tag *mtag; ! mtag = ip6_addaux(m); ! if (mtag) ! ((struct ip6aux *)(mtag + 1))->ip6a_dstia6 = ia6; ! return mtag; /* NULL if failed to set */ } struct in6_ifaddr * ip6_getdstifaddr(m) struct mbuf *m; { ! struct m_tag *mtag; ! mtag = ip6_findaux(m); ! if (mtag) ! return ((struct ip6aux *)(mtag + 1))->ip6a_dstia6; else return NULL; } *************** *** 1740,1794 **** } } ! struct mbuf * ip6_addaux(m) struct mbuf *m; { ! struct mbuf *n; ! #if DIAGNOSTIC ! if (sizeof(struct ip6aux) > MHLEN) ! panic("assumption failed on sizeof(ip6aux)"); ! #endif ! n = m_aux_find(m, AF_INET6, -1); ! if (n) { ! if (n->m_len < sizeof(struct ip6aux)) { ! printf("conflicting use of ip6aux"); ! return NULL; ! } ! } else { ! n = m_aux_add(m, AF_INET6, -1); ! if (n) { ! n->m_len = sizeof(struct ip6aux); ! bzero(mtod(n, caddr_t), n->m_len); } } ! return n; } ! struct mbuf * ip6_findaux(m) struct mbuf *m; { ! struct mbuf *n; ! n = m_aux_find(m, AF_INET6, -1); ! if (n && n->m_len < sizeof(struct ip6aux)) { ! printf("conflicting use of ip6aux"); ! n = NULL; ! } ! return n; } void ip6_delaux(m) struct mbuf *m; { ! struct mbuf *n; ! n = m_aux_find(m, AF_INET6, -1); ! if (n) ! m_aux_delete(m, n); } /* --- 1785,1827 ---- } } ! struct m_tag * ip6_addaux(m) struct mbuf *m; { ! struct m_tag *mtag; ! mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); ! if (!mtag) { ! mtag = m_tag_get(PACKET_TAG_INET6, sizeof(struct ip6aux), ! M_NOWAIT); ! if (mtag) { ! m_tag_prepend(m, mtag); ! bzero(mtag + 1, sizeof(struct ip6aux)); } } ! return mtag; } ! struct m_tag * ip6_findaux(m) struct mbuf *m; { ! struct m_tag *mtag; ! mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); ! return mtag; } void ip6_delaux(m) struct mbuf *m; { ! struct m_tag *mtag; ! mtag = m_tag_find(m, PACKET_TAG_INET6, NULL); ! if (mtag) ! m_tag_delete(m, mtag); } /* Index: xnu/bsd/netinet6/ip6_output.c diff -c xnu/bsd/netinet6/ip6_output.c:1.1.1.2 xnu/bsd/netinet6/ip6_output.c:1.1.1.2.10.2 *** xnu/bsd/netinet6/ip6_output.c:1.1.1.2 Tue Aug 15 21:58:40 2006 --- xnu/bsd/netinet6/ip6_output.c Mon Apr 30 16:58:06 2007 *************** *** 104,109 **** --- 104,119 ---- #include + #ifdef MIP6 + #include + #include + #include + #include "mip.h" + #if NMIP > 0 + #include + #endif /* NMIP > 0*/ + #endif /* MIP6 */ + #include #include *************** *** 120,125 **** --- 130,141 ---- struct mbuf *ip6e_hbh; struct mbuf *ip6e_dest1; struct mbuf *ip6e_rthdr; + #ifdef MIP6 + struct mbuf *ip6e_rthdr2; + #endif /* MIP6 */ + #if defined(MIP6) && NMIP > 0 + struct mbuf *ip6e_hoa; + #endif /* MIP6 && NMIP > 0 */ struct mbuf *ip6e_dest2; }; *************** *** 175,180 **** --- 191,202 ---- int hdrsplit = 0; int needipsec = 0; ipfilter_t inject_filter_ref; + #ifdef MIP6 + struct mip6_bc_internal *mbc; + #if NMIP > 0 + struct mip6_bul_internal *mbul = NULL; + #endif /* MIP6 */ + #endif /* NMIP > 0 */ #if IPSEC int needipsectun = 0; *************** *** 214,223 **** --- 236,311 ---- MAKE_EXTHDR(opt->ip6po_dest1, &exthdrs.ip6e_dest1); /* Routing header */ MAKE_EXTHDR(opt->ip6po_rthdr, &exthdrs.ip6e_rthdr); + #ifdef MIP6 + /* Type 2 Routing header */ + MAKE_EXTHDR(opt->ip6po_rthdr2, &exthdrs.ip6e_rthdr2); + #if NMIP > 0 + /* Home Address Destination options header */ + MAKE_EXTHDR(opt->ip6po_hoa, &exthdrs.ip6e_hoa); + #endif /* NMIP > 0*/ + #endif /* MIP6 */ /* Destination options header(2nd part) */ MAKE_EXTHDR(opt->ip6po_dest2, &exthdrs.ip6e_dest2); } + #ifdef MIP6 + /* Find binding cache entry */ + /* XXX need policy to determine bid for MCOA*/ + mbc = mip6_bce_get(&ip6->ip6_dst, &ip6->ip6_src, NULL, 0); + /* + * If a node has a corresponding binding cache, put a Type 2 + * Routing Header to directly deliver the packet. Except, a + * caller didn't specify a Type 2 Routing Header explicitly. + */ + if ((mbc != NULL) && (ip6->ip6_nxt != IPPROTO_MH) && + (exthdrs.ip6e_rthdr2 == NULL)) { + struct ip6_rthdr2 *rthdr2; + + rthdr2 = mip6_create_rthdr2(&mbc->mbc_coa); + if (rthdr2 == NULL) + goto freehdrs; + + MAKE_EXTHDR(rthdr2, &exthdrs.ip6e_rthdr2); + FREE(rthdr2, M_IP6OPT); + } + #endif /* MIP6 */ + + #if defined(MIP6) && NMIP > 0 + /* + * If a correspondent binding update list is found and its + * status is BOUND, a packet is sent directly to the + * destination with a Home Address Option. Except a caller + * didn't specify a Home Address Option explicitly. + */ + mbul = mip6_bul_get(&ip6->ip6_src, &ip6->ip6_dst, 0/* XXX */); + /* + * Route Optimization: appending a HoA option. + */ + if ((mbul != NULL) && (exthdrs.ip6e_hoa == NULL)) { + u_int8_t *hoa_opt; + + if (mbul->mbul_state & MIP6_BUL_STATE_NEEDTUNNEL) + goto skip_hoa; + + if (ip6->ip6_nxt == IPPROTO_MH) { + #if 0 + m_copydata(m, sizeof(struct ip6_hdr), + sizeof(struct ip6_mh), (caddr_t)&mh); + if (mh.ip6mh_type != IP6_MH_TYPE_BU) + #endif /* 0 */ + goto skip_hoa; + } + + hoa_opt = mip6_create_hoa_opt(&mbul->mbul_coa); + if (hoa_opt == NULL) + goto freehdrs; + + MAKE_EXTHDR(hoa_opt, &exthdrs.ip6e_hoa); + FREE(hoa_opt, M_IP6OPT); + } + skip_hoa: + #endif /* MIP6 && NMIP > 0 */ + #if IPSEC if (ipsec_bypass != 0) goto skip_ipsec; *************** *** 279,284 **** --- 367,378 ---- if (exthdrs.ip6e_hbh) optlen += exthdrs.ip6e_hbh->m_len; if (exthdrs.ip6e_dest1) optlen += exthdrs.ip6e_dest1->m_len; if (exthdrs.ip6e_rthdr) optlen += exthdrs.ip6e_rthdr->m_len; + #ifdef MIP6 + if (exthdrs.ip6e_rthdr2) optlen += exthdrs.ip6e_rthdr2->m_len; + #if NMIP > 0 + if (exthdrs.ip6e_hoa) optlen += exthdrs.ip6e_hoa->m_len; + #endif /* NMIP > 0 */ + #endif /* MIP6 */ unfragpartlen = optlen + sizeof(struct ip6_hdr); /* NOTE: we don't add AH/ESP length here. do that later. */ if (exthdrs.ip6e_dest2) optlen += exthdrs.ip6e_dest2->m_len; *************** *** 376,381 **** --- 470,489 ---- nexthdrp, IPPROTO_DSTOPTS); MAKE_CHAIN(exthdrs.ip6e_rthdr, mprev, nexthdrp, IPPROTO_ROUTING); + #ifdef MIP6 + /* a type 2 routing header for route optimization. */ + MAKE_CHAIN(exthdrs.ip6e_rthdr2, mprev, nexthdrp, + IPPROTO_ROUTING); + #if NMIP > 0 + /* + * MIP6 homeaddress destination option must reside + * after rthdr and before ah/esp/frag hdr. + * this order is not recommended in the ipv6 spec of course. + * result: IPv6 hbh dest1 rthdr ha dest2 payload. + */ + MAKE_CHAIN(exthdrs.ip6e_hoa, mprev, nexthdrp, IPPROTO_DSTOPTS); + #endif /* NMIP > 0 */ + #endif /* MIP6 */ if (!TAILQ_EMPTY(&ipv6_filters)) { struct ipfilter *filter; *************** *** 446,451 **** --- 554,562 ---- { struct ip6_rthdr *rh = NULL; int segleft_org = 0; + #ifdef MIP6 + int segleft2_org = 0; + #endif /* MIP6 */ struct ipsec_output_state state; if (exthdrs.ip6e_rthdr) { *************** *** 454,459 **** --- 565,579 ---- rh->ip6r_segleft = 0; } + #ifdef MIP6 + if (exthdrs.ip6e_rthdr2) { + rh = mtod(exthdrs.ip6e_rthdr2, + struct ip6_rthdr *); + segleft2_org = rh->ip6r_segleft; + rh->ip6r_segleft = 0; + } + #endif /* MIP6 */ + bzero(&state, sizeof(state)); state.m = m; lck_mtx_unlock(ip6_mutex); *************** *** 487,510 **** /* ah6_output doesn't modify mbuf chain */ rh->ip6r_segleft = segleft_org; } } skip_ipsec2:; #endif } /* * If there is a routing header, replace destination address field * with the first hop of the routing header. */ ! if (exthdrs.ip6e_rthdr) { ! struct ip6_rthdr *rh = ! (struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr, ! struct ip6_rthdr *)); struct ip6_rthdr0 *rh0; finaldst = ip6->ip6_dst; switch (rh->ip6r_type) { case IPV6_RTHDR_TYPE_0: rh0 = (struct ip6_rthdr0 *)rh; ip6->ip6_dst = rh0->ip6r0_addr[0]; bcopy((caddr_t)&rh0->ip6r0_addr[1], --- 607,673 ---- /* ah6_output doesn't modify mbuf chain */ rh->ip6r_segleft = segleft_org; } + #ifdef MIP6 + if (exthdrs.ip6e_rthdr2) { + /* ah6_output doesn't modify mbuf chain */ + rh->ip6r_segleft = segleft2_org; + } + #endif /* MIP6 */ } skip_ipsec2:; #endif } + #if defined(MIP6) && NMIP > 0 + /* Swap HoA and CoA */ + if (exthdrs.ip6e_hoa) { + struct ip6_opt_home_address *hoaopt = NULL; + struct in6_addr tmpaddr; + + bzero(&tmpaddr, sizeof(tmpaddr)); + + hoaopt = mip6_search_hoa_in_destopt(mtod(exthdrs.ip6e_hoa, caddr_t)); + if (hoaopt == NULL) + goto freehdrs; + + if (mip6_ifa_ifwithin6addr(&ip6->ip6_src) == NULL) + goto freehdrs; + + ip6 = mtod(m, struct ip6_hdr *); + bcopy(&ip6->ip6_src, &tmpaddr, sizeof(ip6->ip6_src)); + bcopy(hoaopt->ip6oh_addr, + &ip6->ip6_src, sizeof(hoaopt->ip6oh_addr)); + bcopy(&tmpaddr, hoaopt->ip6oh_addr, sizeof(tmpaddr)); + } + #endif /* MIP6 && NMIP > 0 */ + /* * If there is a routing header, replace destination address field * with the first hop of the routing header. */ ! if (exthdrs.ip6e_rthdr ! #ifdef MIP6 ! || exthdrs.ip6e_rthdr2 ! #endif /* MIP6 */ ! ) { ! struct ip6_rthdr *rh = NULL; struct ip6_rthdr0 *rh0; + if (exthdrs.ip6e_rthdr) + rh = (struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr, + struct ip6_rthdr *)); + #ifdef MIP6 + else if (exthdrs.ip6e_rthdr2) + rh = (struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr2, + struct ip6_rthdr *)); + #endif /* MIP6 */ + finaldst = ip6->ip6_dst; switch (rh->ip6r_type) { case IPV6_RTHDR_TYPE_0: + #ifdef MIP6 + case IPV6_RTHDR_TYPE_2: + #endif /* MIP6 */ rh0 = (struct ip6_rthdr0 *)rh; ip6->ip6_dst = rh0->ip6r0_addr[0]; bcopy((caddr_t)&rh0->ip6r0_addr[1], *************** *** 544,549 **** --- 707,719 ---- ro_pmtu = ro; if (opt && opt->ip6po_rthdr) ro = &opt->ip6po_route; + #ifdef MIP6 + if (exthdrs.ip6e_rthdr2) { + ro = &ip6route; + bzero((caddr_t)ro, sizeof(*ro)); + ro_pmtu = ro; + } + #endif /* MIP6 */ dst = (struct sockaddr_in6 *)&ro->ro_dst; /* * If there is a cached route, *************** *** 569,575 **** #endif } #if IPSEC ! if (needipsec && needipsectun) { struct ipsec_output_state state; /* --- 739,749 ---- #endif } #if IPSEC ! if (needipsec && needipsectun ! #if defined(MIP6) && NMIP > 0 ! && !((opt && opt->ip6po_hoa) || exthdrs.ip6e_hoa) ! #endif /* MIP6 && NMIP > 0 */ ! ) { struct ipsec_output_state state; /* *************** *** 1042,1047 **** --- 1216,1233 ---- * Change the next header field of the last header in the * unfragmentable part. */ + #ifdef MIP6 + #if NMIP > 0 + if (exthdrs.ip6e_hoa) { + nextproto = *mtod(exthdrs.ip6e_hoa, u_char *); + *mtod(exthdrs.ip6e_hoa, u_char *) = IPPROTO_FRAGMENT; + } else + #endif /* NMIP > 0 */ + if (exthdrs.ip6e_rthdr2) { + nextproto = *mtod(exthdrs.ip6e_rthdr2, u_char *); + *mtod(exthdrs.ip6e_rthdr2, u_char *) = IPPROTO_FRAGMENT; + } else + #endif /* MIP6 */ if (exthdrs.ip6e_rthdr) { nextproto = *mtod(exthdrs.ip6e_rthdr, u_char *); *mtod(exthdrs.ip6e_rthdr, u_char *) = IPPROTO_FRAGMENT; *************** *** 1164,1169 **** --- 1350,1361 ---- m_freem(exthdrs.ip6e_dest1); m_freem(exthdrs.ip6e_rthdr); m_freem(exthdrs.ip6e_dest2); + #ifdef MIP6 + m_freem(exthdrs.ip6e_rthdr2); + #if NMIP > 0 + m_freem(exthdrs.ip6e_hoa); + #endif /* NMIP > 0 */ + #endif /* MIP6 */ /* fall through */ bad: m_freem(m); *************** *** 1798,1803 **** --- 1990,1998 ---- #if DIAGNOSTIC if (opt->ip6po_pktinfo || opt->ip6po_nexthop || opt->ip6po_hbh || opt->ip6po_dest1 || opt->ip6po_dest2 || + #if defined(MIP6) && NMIP > 0 + opt->ip6po_hoa || + #endif /* MIP6 && NMIP > 0 */ opt->ip6po_rhinfo.ip6po_rhi_rthdr) printf("ip6_pcbopts: all specified options are cleared.\n"); #endif *************** *** 1875,1880 **** --- 2070,2080 ---- if (needfree && pktopt->ip6po_rhinfo.ip6po_rhi_rthdr) FREE(pktopt->ip6po_rhinfo.ip6po_rhi_rthdr, M_IP6OPT); pktopt->ip6po_rhinfo.ip6po_rhi_rthdr = NULL; + #ifdef MIP6 + if (pktopt->ip6po_rhinfo2.ip6po_rhi_rthdr) + FREE(pktopt->ip6po_rhinfo2.ip6po_rhi_rthdr, M_IP6OPT); + pktopt->ip6po_rhinfo2.ip6po_rhi_rthdr = NULL; + #endif /* MIP6 */ if (pktopt->ip6po_route.ro_rt) { rtfree(pktopt->ip6po_route.ro_rt); pktopt->ip6po_route.ro_rt = NULL; *************** *** 1884,1889 **** --- 2084,2094 ---- if (needfree && pktopt->ip6po_dest2) FREE(pktopt->ip6po_dest2, M_IP6OPT); pktopt->ip6po_dest2 = NULL; + #if defined(MIP6) && NMIP > 0 + if (needfree && pktopt->ip6po_hoa) + FREE(pktopt->ip6po_hoa, M_IP6OPT); + pktopt->ip6po_hoa = NULL; + #endif /* MIP6 && NMIP > 0 */ } } *************** *** 2574,2579 **** --- 2779,2795 ---- newdest = &opt->ip6po_dest1; else newdest = &opt->ip6po_dest2; + #if defined(MIP6) && NMIP > 0 + /* + * Check whether this destination option is + * home address option. + * If so, the option must be stored in ip6po_hoa + */ + if (mip6_search_hoa_in_destopt((u_int8_t *)dest) != NULL) + newdest = &opt->ip6po_hoa; + else + newdest = &opt->ip6po_dest2; + #endif /* MIP6 && NMIP > 0 */ if (needcopy) { *newdest = _MALLOC(destlen, M_IP6OPT, M_WAITOK); *************** *** 2607,2612 **** --- 2823,2838 ---- if (rth->ip6r_len / 2 != rth->ip6r_segleft) return(EINVAL); break; + #ifdef MIP6 + case IPV6_RTHDR_TYPE_2: + if (rth->ip6r_len == 0) /* must contain one addr */ + return (EINVAL); + if (rth->ip6r_len != 2) /* length must be 2 */ + return (EINVAL); + if (rth->ip6r_segleft != 1) + return (EINVAL); + break; + #endif /* MIP6 */ default: return(EINVAL); /* not supported */ } Index: xnu/bsd/netinet6/ip6_var.h diff -c xnu/bsd/netinet6/ip6_var.h:1.1.1.1 xnu/bsd/netinet6/ip6_var.h:1.1.1.1.20.1 *** xnu/bsd/netinet6/ip6_var.h:1.1.1.1 Sun Sep 18 03:53:04 2005 --- xnu/bsd/netinet6/ip6_var.h Sun Apr 29 06:59:46 2007 *************** *** 129,134 **** --- 129,136 ---- }; #define ip6po_rthdr ip6po_rhinfo.ip6po_rhi_rthdr #define ip6po_route ip6po_rhinfo.ip6po_rhi_route + #define ip6po_rthdr2 ip6po_rhinfo2.ip6po_rhi_rthdr + #define ip6po_route2 ip6po_rhinfo2.ip6po_rhi_route struct ip6_pktopts { struct mbuf *ip6po_m; /* Pointer to mbuf storing the data */ *************** *** 147,154 **** --- 149,171 ---- /* Routing header related info. */ struct ip6po_rhinfo ip6po_rhinfo; + /* Mobile IPv6 type 2 Routing header. */ + struct ip6po_rhinfo ip6po_rhinfo2; + + /* Home Address Destination option */ + struct ip6_dest *ip6po_hoa; + /* Destination options header (after a routing header) */ struct ip6_dest *ip6po_dest2; + + int ip6po_flags; + #if 0 /* parameters in this block is obsolete. do not reuse the values. */ + #define IP6PO_REACHCONF 0x01 /* upper-layer reachability confirmation. */ + #define IP6PO_MINMTU 0x02 /* use minimum MTU (IPV6_USE_MIN_MTU) */ + #endif + #define IP6PO_DONTFRAG 0x04 /* disable fragmentation (IPV6_DONTFRAG) */ + #define IP6PO_USECOA 0x08 /* use care of address */ + #define IP6PO_NOTUSEBCE 0x10 /* Don't use */ }; /* *************** *** 232,238 **** #define IP6A_RTALERTSEEN 0x08 /* rtalert present */ /* ip6.ip6_src */ ! struct in6_addr ip6a_careof; /* care-of address of the peer */ struct in6_addr ip6a_home; /* home address of the peer */ u_int16_t ip6a_bruid; /* BR unique identifier */ --- 249,255 ---- #define IP6A_RTALERTSEEN 0x08 /* rtalert present */ /* ip6.ip6_src */ ! struct in6_addr ip6a_coa; /* care-of address of the peer */ struct in6_addr ip6a_home; /* home address of the peer */ u_int16_t ip6a_bruid; /* BR unique identifier */ *************** *** 309,316 **** int ip6_nexthdr(struct mbuf *, int, int, int *); int ip6_lasthdr(struct mbuf *, int, int, int *); ! struct mbuf *ip6_addaux(struct mbuf *); ! struct mbuf *ip6_findaux(struct mbuf *); void ip6_delaux(struct mbuf *); int ip6_mforward(struct ip6_hdr *, struct ifnet *, struct mbuf *); --- 326,333 ---- int ip6_nexthdr(struct mbuf *, int, int, int *); int ip6_lasthdr(struct mbuf *, int, int, int *); ! struct m_tag *ip6_addaux(struct mbuf *); ! struct m_tag *ip6_findaux(struct mbuf *); void ip6_delaux(struct mbuf *); int ip6_mforward(struct ip6_hdr *, struct ifnet *, struct mbuf *); *************** *** 353,358 **** --- 370,379 ---- int dest6_input(struct mbuf **, int *); int none_input(struct mbuf **, int *); + #ifdef MIP6 + int dest6_mip6_hao(struct mbuf *, int, int); + int mip6_input(struct mbuf **, int *); + #endif #endif /* KERNEL */ #endif /* KERNEL_PRIVATE */ Index: xnu/bsd/netinet6/ipsec.c diff -c xnu/bsd/netinet6/ipsec.c:1.1.1.2 xnu/bsd/netinet6/ipsec.c:1.1.1.2.10.1 *** xnu/bsd/netinet6/ipsec.c:1.1.1.2 Tue Aug 15 21:58:41 2006 --- xnu/bsd/netinet6/ipsec.c Sun Apr 29 06:59:46 2007 *************** *** 75,80 **** --- 75,83 ---- #if INET6 #include #endif + #ifdef MIP6 + #include + #endif #include #if INET6 *************** *** 1080,1085 **** --- 1083,1092 ---- int off, nxt; struct tcphdr th; struct udphdr uh; + struct icmp6_hdr ih; + #ifdef MIP6 + struct ip6_mh mh; + #endif /* MIP6 */ /* sanity check */ if (m == NULL) *************** *** 1120,1125 **** --- 1127,1151 ---- ((struct sockaddr_in6 *)&spidx->dst)->sin6_port = uh.uh_dport; break; case IPPROTO_ICMPV6: + spidx->ul_proto = nxt; + if (off + sizeof(struct icmp6_hdr) > m->m_pkthdr.len) + break; + m_copydata(m, off, sizeof(ih), (caddr_t)&ih); + ((struct sockaddr_in6 *)&spidx->src)->sin6_port = + htons((u_int16_t)ih.icmp6_type); + ((struct sockaddr_in6 *)&spidx->dst)->sin6_port = + htons((u_int16_t)ih.icmp6_code); + break; + #ifdef MIP6 + case IPPROTO_MH: + spidx->ul_proto = nxt; + if (off + sizeof(struct ip6_mh) > m->m_pkthdr.len) + break; + m_copydata(m, off, sizeof(mh), (caddr_t)&mh); + ((struct sockaddr_in6 *)&spidx->src)->sin6_port = + htons((u_int16_t)mh.ip6mh_type); + break; + #endif /* MIP6 */ default: /* XXX intermediate headers??? */ spidx->ul_proto = nxt; Index: xnu/bsd/netinet6/nd6.c diff -c xnu/bsd/netinet6/nd6.c:1.1.1.1 xnu/bsd/netinet6/nd6.c:1.1.1.1.20.1 *** xnu/bsd/netinet6/nd6.c:1.1.1.1 Sun Sep 18 03:53:05 2005 --- xnu/bsd/netinet6/nd6.c Sun Apr 29 06:59:46 2007 *************** *** 48,53 **** --- 48,54 ---- #include #include #include + #include #include #include #include *************** *** 70,75 **** --- 71,87 ---- #include #include + #ifdef MIP6 + #include "mip.h" + #include + #include + #if NMIP > 0 + #include + #include + #include + #endif /* NMIP > 0 */ + #endif /* MIP6 */ + #include "loop.h" #include *************** *** 788,794 **** if (nd6_defifindex == ifp->if_index) nd6_setdefaultiface(0); ! if (!ip6_forwarding && (ip6_accept_rtadv || (ifp->if_eflags & IFEF_ACCEPT_RTADVD))) { /* refresh default router list */ bzero(&drany, sizeof(drany)); defrouter_delreq(&drany, 0); --- 800,810 ---- if (nd6_defifindex == ifp->if_index) nd6_setdefaultiface(0); ! if ( ! #if defined(MIP6) && NMIP > 0 ! MIP6_IS_MR || ! #endif ! (!ip6_forwarding && (ip6_accept_rtadv || (ifp->if_eflags & IFEF_ACCEPT_RTADVD)))) { /* refresh default router list */ bzero(&drany, sizeof(drany)); defrouter_delreq(&drany, 0); *************** *** 1890,1896 **** * for those are not autoconfigured hosts, we explicitly avoid such * cases for safety. */ ! if (do_update && ln->ln_router && !ip6_forwarding && (ip6_accept_rtadv || (ifp->if_eflags & IFEF_ACCEPT_RTADVD))) { lck_mtx_lock(nd6_mutex); defrouter_select(); lck_mtx_unlock(nd6_mutex); --- 1906,1916 ---- * for those are not autoconfigured hosts, we explicitly avoid such * cases for safety. */ ! if (do_update && ln->ln_router && !ip6_forwarding && (ip6_accept_rtadv || (ifp->if_eflags & IFEF_ACCEPT_RTADVD)) ! #if defined(MIP6) && NMIP > 0 ! || MIP6_IS_MR ! #endif ! ) { lck_mtx_lock(nd6_mutex); defrouter_select(); lck_mtx_unlock(nd6_mutex); *************** *** 1944,1949 **** --- 1964,2033 ---- struct llinfo_nd6 *ln = NULL; int error = 0; struct timeval timenow; + #if defined(MIP6) && NMIP > 0 + int presence; + struct ip6_hdr *ip6; + struct in6_ifaddr *src_ia6; + struct sockaddr_in6 sin6_src; + struct in6_addr in6_src, in6_dst; + struct mip6_bul_internal *bul, *cnbul; + #endif /* MIP6 && NMIP > 0 */ + + #if defined(MIP6) && NMIP > 0 + ip6 = mtod(m0, struct ip6_hdr *); + bzero(&sin6_src, sizeof(struct sockaddr_in6)); + sin6_src.sin6_len = sizeof(struct sockaddr_in6); + sin6_src.sin6_family = AF_INET6; + sin6_src.sin6_addr = ip6->ip6_src; + + src_ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)&sin6_src); + + if (src_ia6 && ((src_ia6->ia6_flags & IN6_IFF_DEREGISTERING) == 0)) { + /* + * if R flag is set, skip kernel tunnel. + * packets are tunneled by gif + */ + bul = mip6_bul_get_home_agent(&ip6->ip6_src); + if ((bul != NULL) && (bul->mbul_mip != NULL) && + (bul->mbul_flags & IP6_MH_BU_ROUTER) == 0) { + if (ip6->ip6_nxt == IPPROTO_MH) + goto dontstartrr; + + if (mip6_get_ip6hdrinfo(m, &in6_src, + &in6_dst, NULL, NULL, 1 /* logical */, &presence)) { + mip6log((LOG_ERR, "nd6_output: " + "failed to get logical source and " + "destination addresses.\n")); + senderr(EIO); /* XXX ? */ + } + if (IN6_IS_ADDR_MULTICAST(&in6_dst)) + goto dontstartrr; + if (IN6_IS_ADDR_LINKLOCAL(&in6_dst)) + goto dontstartrr; + cnbul = mip6_bul_get(&in6_src, &in6_dst, 0); + if (cnbul != NULL) + goto dontstartrr; + + /* send a hint to start RR to this node */ + mip6_notify_rr_hint(&in6_src, &in6_dst); + + dontstartrr: + /* send this packet via bi-directional tunnel */ + #if 0 + return ((*bul->mbul_mip->mip_if.if_output)( + (struct ifnet *)bul->mbul_mip, m, + (struct sockaddr *)dst, rt)); + #else + if (locked) + lck_mtx_unlock(ip6_mutex); + error = dlil_output(&bul->mbul_mip->mip_if, PF_INET6, m, (caddr_t)rt, (struct sockaddr *)dst, 0); + if (locked) + lck_mtx_lock(ip6_mutex); + return (error); + #endif + } + } + #endif /* MIP6 && NMIP > 0 */ if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr)) goto sendpkt; *************** *** 2112,2118 **** m->m_pkthdr.rcvif = origifp; /* forwarding rules require the original scope_id */ if (locked) lck_mtx_unlock(ip6_mutex); ! error = dlil_output(origifp, PF_INET6, m, (caddr_t)rt, (struct sockaddr *)dst, 0); if (locked) lck_mtx_lock(ip6_mutex); return error; --- 2196,2202 ---- m->m_pkthdr.rcvif = origifp; /* forwarding rules require the original scope_id */ if (locked) lck_mtx_unlock(ip6_mutex); ! error = dlil_output(/*orig*/ifp, PF_INET6, m, (caddr_t)rt, (struct sockaddr *)dst, 0); if (locked) lck_mtx_lock(ip6_mutex); return error; *************** *** 2301,2307 **** return result; } ! #ifndef __APPLE__ static int nd6_sysctl_drlist SYSCTL_HANDLER_ARGS; static int nd6_sysctl_prlist SYSCTL_HANDLER_ARGS; SYSCTL_DECL(_net_inet6_icmp6); --- 2385,2391 ---- return result; } ! /*#ifndef __APPLE__*/ static int nd6_sysctl_drlist SYSCTL_HANDLER_ARGS; static int nd6_sysctl_prlist SYSCTL_HANDLER_ARGS; SYSCTL_DECL(_net_inet6_icmp6); *************** *** 2430,2433 **** lck_mtx_unlock(nd6_mutex); return error; } ! #endif --- 2514,2517 ---- lck_mtx_unlock(nd6_mutex); return error; } ! /*#endif*/ Index: xnu/bsd/netinet6/nd6_nbr.c diff -c xnu/bsd/netinet6/nd6_nbr.c:1.1.1.1 xnu/bsd/netinet6/nd6_nbr.c:1.1.1.1.20.1 *** xnu/bsd/netinet6/nd6_nbr.c:1.1.1.1 Sun Sep 18 03:53:05 2005 --- xnu/bsd/netinet6/nd6_nbr.c Sun Apr 29 06:59:46 2007 *************** *** 63,74 **** extern int ipsec_bypass; #endif #include #define SDL(s) ((struct sockaddr_dl *)s) struct dadq; ! static struct dadq *nd6_dad_find(struct ifaddr *); #ifndef __APPLE__ static void nd6_dad_starttimer(struct dadq *, int); static void nd6_dad_stoptimer(struct dadq *); --- 63,84 ---- extern int ipsec_bypass; #endif + #ifdef MIP6 + #include "mip.h" + #include + #include + #include + #if NMIP > 0 + #include + #endif /* NMIP > 0 */ + #endif /* MIP6 */ + #include #define SDL(s) ((struct sockaddr_dl *)s) struct dadq; ! struct dadq *nd6_dad_find(struct ifaddr *); #ifndef __APPLE__ static void nd6_dad_starttimer(struct dadq *, int); static void nd6_dad_stoptimer(struct dadq *); *************** *** 79,84 **** --- 89,97 ---- static void nd6_dad_ns_output(struct dadq *, struct ifaddr *); static void nd6_dad_ns_input(struct ifaddr *); static void nd6_dad_na_input(struct ifaddr *); + #ifdef MIP6 + struct ifaddr *nd6_dad_find_by_addr __P((struct in6_addr *)); + #endif /* MIP6 */ static int dad_ignore_ns = 0; /* ignore NS in DAD - specwise incorrect*/ static int dad_maxtry = 15; /* max # of *tries* to transmit DAD packet */ *************** *** 453,458 **** --- 466,472 ---- if (saddr6 && in6ifa_ifpwithaddr(ifp, saddr6)) bcopy(saddr6, &ip6->ip6_src, sizeof(*saddr6)); else { + #if 0 /* by momose */ ia = in6_ifawithifp(ifp, &ip6->ip6_dst); if (ia == NULL) { if (ln && ln->ln_hold) *************** *** 462,469 **** --- 476,553 ---- return; } ip6->ip6_src = ia->ia_addr.sin6_addr; + #else + int error; + struct ip6_pktopts *popts = NULL; + struct sockaddr_in6 dst_sa; + struct in6_addr *src, src_storage; + struct ip6_pktopts opts; + struct route_in6 ro; + + bzero(&ro, sizeof(ro)); + /* ip6_initpktopts(&opts); */ + #if defined(MIP6) && NMIP > 0 + bzero(&opts, sizeof(opts)); + opts.ip6po_hlim = -1; + opts.ip6po_flags |= IP6PO_USECOA; + popts = &opts; + #endif /* MIP6 && NMIP > 0 */ + + bzero(&dst_sa, sizeof(dst_sa)); + dst_sa.sin6_family = AF_INET6; + dst_sa.sin6_len = sizeof(dst_sa); + dst_sa.sin6_addr = ip6->ip6_dst; + + src = in6_selectsrc(&dst_sa, + popts, + NULL, &ro, NULL, &src_storage, &error); + if (src == NULL) { + nd6log((LOG_DEBUG, + "nd6_ns_output: source can't be " + "determined: dst=%s, error=%d\n", + ip6_sprintf(&dst_sa.sin6_addr), error)); + if (ro.ro_rt) { + RTFREE(ro.ro_rt); + } + goto bad; + } + ip6->ip6_src = *src; + if (ro.ro_rt) { + RTFREE(ro.ro_rt); + } + #endif } #endif + #if defined(MIP6) && NMIP > 0 + /* + * returning home case: don't send a unicast NS before + * deregistration has been completed. + */ + { + struct in6_ifaddr *ia6; + + ia6 = in6ifa_ifpwithaddr(ifp, &ip6->ip6_src); + if (ia6 == NULL) + goto bad; + if (ia6->ia6_flags & IN6_IFF_DEREGISTERING) { + ip6->ip6_dst.s6_addr16[0] = + IPV6_ADDR_INT16_MLL; + ip6->ip6_dst.s6_addr16[1] = 0; + ip6->ip6_dst.s6_addr32[1] = 0; + ip6->ip6_dst.s6_addr32[2] = + IPV6_ADDR_INT32_ONE; + ip6->ip6_dst.s6_addr32[3] = + taddr6->s6_addr32[3]; + ip6->ip6_dst.s6_addr8[12] = 0xff; + #if 0 + if (in6_setscope(&ip6->ip6_dst, ifp, NULL)) + goto bad; + #endif + bzero(&ip6->ip6_src, sizeof(ip6->ip6_src)); + dad = 1; /* XXX to set IPV6_UNSPECSRC */ + } + } + #endif /* MIP6 && NMIP > 0 */ } else { /* * Source address for DAD packet must always be IPv6 *************** *** 523,528 **** --- 607,618 ---- icmp6_ifstat_inc(outif, ifs6_out_neighborsolicit); } icmp6stat.icp6s_outhist[ND_NEIGHBOR_SOLICIT]++; + + return; + + bad: + m_freem(m); + return; } /* *************** *** 853,862 **** struct in6_ifaddr *ia = NULL; struct ip6_moptions im6o; int icmp6len; ! int maxlen; caddr_t mac = NULL; struct ifnet *outif = NULL; /* estimate the size of message */ maxlen = sizeof(*ip6) + sizeof(*nd_na); maxlen += (sizeof(struct nd_opt_hdr) + ifp->if_addrlen + 7) & ~7; --- 943,961 ---- struct in6_ifaddr *ia = NULL; struct ip6_moptions im6o; int icmp6len; ! int maxlen, error; caddr_t mac = NULL; struct ifnet *outif = NULL; + struct route_in6 ro; + struct in6_addr *src, src_storage; + struct ip6_pktopts *popts = NULL; + struct sockaddr_in6 dst_sa; + #if defined(MIP6) && NMIP > 0 + struct ip6_pktopts opts; + #endif /* MIP6 && NMIP > 0 */ + bzero(&ro, sizeof(ro)); + /* estimate the size of message */ maxlen = sizeof(*ip6) + sizeof(*nd_na); maxlen += (sizeof(struct nd_opt_hdr) + ifp->if_addrlen + 7) & ~7; *************** *** 909,923 **** --- 1008,1046 ---- } else ip6->ip6_dst = *daddr6; + bzero(&dst_sa, sizeof(struct sockaddr_in6)); + dst_sa.sin6_family = AF_INET6; + dst_sa.sin6_len = sizeof(struct sockaddr_in6); + dst_sa.sin6_addr = ip6->ip6_dst; + /* * Select a source whose scope is the same as that of the dest. */ + #if defined(MIP6) && NMIP > 0 + bzero(&opts, sizeof(opts)); + opts.ip6po_flags |= IP6PO_USECOA; + popts = &opts; + #endif /* MIP6 && NMIP > 0 */ + #if 0 ia = in6_ifawithifp(ifp, &ip6->ip6_dst); if (ia == NULL) { m_freem(m); return; } ip6->ip6_src = ia->ia_addr.sin6_addr; + #else + bcopy(&dst_sa, &ro.ro_dst, sizeof(dst_sa)); + src = in6_selectsrc(&dst_sa, + popts, + NULL, &ro, NULL, &src_storage, &error); + if (src == NULL) { + nd6log((LOG_DEBUG, "nd6_na_output: source can't be " + "determined: dst=%s, error=%d\n", + ip6_sprintf(&dst_sa.sin6_addr), error)); + goto bad; + } + ip6->ip6_src = *src; + #endif nd_na = (struct nd_neighbor_advert *)(ip6 + 1); nd_na->nd_na_type = ND_NEIGHBOR_ADVERT; nd_na->nd_na_code = 0; *************** *** 980,985 **** --- 1103,1120 ---- icmp6_ifstat_inc(outif, ifs6_out_neighboradvert); } icmp6stat.icp6s_outhist[ND_NEIGHBOR_ADVERT]++; + + if (ro.ro_rt) { + RTFREE(ro.ro_rt); + } + return; + + bad: + if (ro.ro_rt) { + RTFREE(ro.ro_rt); + } + m_freem(m); + return; } caddr_t *************** *** 1003,1009 **** static struct dadq_head dadq; static int dad_init = 0; ! static struct dadq * nd6_dad_find( struct ifaddr *ifa) { --- 1138,1159 ---- static struct dadq_head dadq; static int dad_init = 0; ! #ifdef MIP6 ! struct ifaddr * ! nd6_dad_find_by_addr(addr) ! struct in6_addr *addr; ! { ! struct dadq *dp; ! ! for (dp = dadq.tqh_first; dp; dp = dp->dad_list.tqe_next) { ! if (IN6_ARE_ADDR_EQUAL(&((struct in6_ifaddr *)dp->dad_ifa)->ia_addr.sin6_addr, addr)) ! return dp->dad_ifa; ! } ! return NULL; ! } ! #endif /* MIP6 */ ! ! struct dadq * nd6_dad_find( struct ifaddr *ifa) { *************** *** 1292,1297 **** --- 1442,1456 ---- in6_post_msg(ia->ia_ifp, KEV_INET6_NEW_USER_ADDR, ia); FREE(dp, M_IP6NDP); dp = NULL; + #if defined(MIP6) && NMIP > 0 + rt_addrinfomsg((struct ifaddr *)ia); + #endif /* MIP6 && NMIP > 0 */ + #ifdef MIP6 + if (ia->ia6_flags & IN6_IFF_PSEUDOIFA) { + /* Notify the address was not duplicated via mipsock */ + mips_notify_dad_result(MIPM_DAD_SUCCESS, &ia->ia_addr.sin6_addr, ia->ia_ifp->if_index); + } + #endif /* MIP6 */ ifafree(ifa); } } *************** *** 1335,1340 **** --- 1494,1505 ---- lck_mtx_unlock(dad6_mutex); FREE(dp, M_IP6NDP); dp = NULL; + #ifdef MIP6 + if (ia->ia6_flags & IN6_IFF_PSEUDOIFA) { + /* Notify the address was not duplicated via mipsock */ + mips_notify_dad_result(MIPM_DAD_FAIL, &ia->ia_addr.sin6_addr, ia->ia_ifp->if_index); + } + #endif /* MIP6 */ ifafree(ifa); } Index: xnu/bsd/netinet6/raw_ip6.c diff -c xnu/bsd/netinet6/raw_ip6.c:1.1.1.1 xnu/bsd/netinet6/raw_ip6.c:1.1.1.1.20.1 *** xnu/bsd/netinet6/raw_ip6.c:1.1.1.1 Sun Sep 18 03:53:05 2005 --- xnu/bsd/netinet6/raw_ip6.c Sun Apr 29 06:59:46 2007 *************** *** 139,144 **** --- 139,149 ---- struct mbuf *opts = NULL; struct sockaddr_in6 rip6src; int proto = ip6->ip6_nxt; + int off; + u_int8_t exthdr[2]; + #if IPSEC + int ipsec6_rej = 0; + #endif rip6stat.rip6s_ipackets++; *************** *** 150,155 **** --- 155,168 ---- } #endif + off = sizeof(struct ip6_hdr); + while (off < *offp) { + m_copydata(m, off, sizeof(exthdr), (caddr_t)exthdr); + proto = exthdr[0]; + off += (exthdr[1] + 1) << 3; + } + + init_sin6(&rip6src, m); /* general init */ lck_rw_lock_shared(ripcbinfo.mtx); *************** *** 180,193 **** /* * Check AH/ESP integrity. */ if (ipsec_bypass == 0 && n) { lck_mtx_lock(sadb_mutex); ! if (ipsec6_in_reject_so(n, last->inp_socket)) { ! m_freem(n); ! ipsec6stat.in_polvio++; ! /* do not inject data into pcb */ ! } lck_mtx_unlock(sadb_mutex); } else #endif /*IPSEC*/ if (n) { --- 193,208 ---- /* * Check AH/ESP integrity. */ + ipsec6_rej = 0; if (ipsec_bypass == 0 && n) { lck_mtx_lock(sadb_mutex); ! ipsec6_rej = ipsec6_in_reject_so(n, last->inp_socket); lck_mtx_unlock(sadb_mutex); + } + if (ipsec6_rej) { + m_freem(n); + ipsec6stat.in_polvio++; + /* do not inject data into pcb */ } else #endif /*IPSEC*/ if (n) { *************** *** 212,226 **** /* * Check AH/ESP integrity. */ if (ipsec_bypass == 0 && last) { lck_mtx_lock(sadb_mutex); ! if (ipsec6_in_reject_so(m, last->inp_socket)) { ! m_freem(m); ! ipsec6stat.in_polvio++; ! ip6stat.ip6s_delivered--; ! /* do not inject data into pcb */ ! } lck_mtx_unlock(sadb_mutex); } else #endif /*IPSEC*/ if (last) { --- 227,243 ---- /* * Check AH/ESP integrity. */ + ipsec6_rej = 0; if (ipsec_bypass == 0 && last) { lck_mtx_lock(sadb_mutex); ! ipsec6_rej = ipsec6_in_reject_so(m, last->inp_socket); lck_mtx_unlock(sadb_mutex); + } + if (ipsec6_rej) { + m_freem(m); + ipsec6stat.in_polvio++; + ip6stat.ip6s_delivered--; + /* do not inject data into pcb */ } else #endif /*IPSEC*/ if (last) { Index: xnu/bsd/netinet6/route6.c diff -c xnu/bsd/netinet6/route6.c:1.1.1.1 xnu/bsd/netinet6/route6.c:1.1.1.1.20.2 *** xnu/bsd/netinet6/route6.c:1.1.1.1 Sun Sep 18 03:53:05 2005 --- xnu/bsd/netinet6/route6.c Sun Apr 29 09:59:54 2007 *************** *** 42,52 **** --- 42,63 ---- #include #include + #ifdef MIP6 + #include "mip.h" + #include + #endif /* MIP6 */ + #include + extern int ip6_rthdr0_allowed; static int ip6_rthdr0(struct mbuf *, struct ip6_hdr *, struct ip6_rthdr0 *); + #if defined(MIP6) && NMIP > 0 + static int ip6_rthdr2 __P((struct mbuf *, struct ip6_hdr *, + struct ip6_rthdr2 *)); + #endif /* defined(MIP6) && NMIP > 0 */ + int route6_input(mp, offp) struct mbuf **mp; *************** *** 56,66 **** struct mbuf *m = *mp; struct ip6_rthdr *rh; int off = *offp, rhlen; ! struct mbuf *n; n = ip6_findaux(m); if (n) { ! struct ip6aux *ip6a = mtod(n, struct ip6aux *); /* XXX reject home-address option before rthdr */ if (ip6a->ip6a_flags & IP6A_SWAP) { ip6stat.ip6s_badoptions++; --- 67,77 ---- struct mbuf *m = *mp; struct ip6_rthdr *rh; int off = *offp, rhlen; ! struct m_tag *n; n = ip6_findaux(m); if (n) { ! struct ip6aux *ip6a = (struct ip6aux *) (n + 1); /* XXX reject home-address option before rthdr */ if (ip6a->ip6a_flags & IP6A_SWAP) { ip6stat.ip6s_badoptions++; *************** *** 84,89 **** --- 95,102 ---- switch (rh->ip6r_type) { case IPV6_RTHDR_TYPE_0: + if (!ip6_rthdr0_allowed) + return (IPPROTO_DONE); rhlen = (rh->ip6r_len + 1) << 3; #ifndef PULLDOWN_TEST /* *************** *** 110,115 **** --- 123,147 ---- if (ip6_rthdr0(m, ip6, (struct ip6_rthdr0 *)rh)) return(IPPROTO_DONE); break; + #if defined(MIP6) && NMIP > 0 + case IPV6_RTHDR_TYPE_2: + rhlen = (rh->ip6r_len + 1) << 3; + + #ifndef PULLDOWN_TEST + IP6_EXTHDR_CHECK(m, off, rhlen, IPPROTO_DONE); + #else + IP6_EXTHDR_GET(rh, struct ip6_rthdr *, m, off, rhlen); + if (rh == NULL) { + ip6stat.ip6s_tooshort++; + return IPPROTO_DONE; + } + #endif + + if (ip6_rthdr2(m, ip6, (struct ip6_rthdr2 *)rh)) + return(IPPROTO_DONE); + + break; + #endif /* defined(MIP6) && NMIP > 0 */ default: /* unknown routing type */ if (rh->ip6r_segleft == 0) { *************** *** 216,218 **** --- 248,334 ---- return(-1); /* m would be freed in ip6_forward() */ } + + #if defined(MIP6) && NMIP > 0 + /* Type2 routing header processing */ + static int + ip6_rthdr2(m, ip6, rh2) + struct mbuf *m; + struct ip6_hdr *ip6; + struct ip6_rthdr2 *rh2; + { + struct in6_addr *nextaddr, tmpaddr; + struct in6_ifaddr *ifa; + + if (rh2->ip6r2_segleft == 0) + return (0); + + /* section 11.3.3 */ + if (rh2->ip6r2_len != 2) { + ip6stat.ip6s_badoptions++; + goto bad; + } + + if (rh2->ip6r2_segleft != 1) { + ip6stat.ip6s_badoptions++; + goto bad; + } + + rh2->ip6r2_segleft--; + nextaddr = (struct in6_addr *)(rh2 + 1); + + /* + * reject invalid addresses. be proactive about malicious use of + * IPv4 mapped/compat address. + * XXX need more checks? + */ + if (IN6_IS_ADDR_MULTICAST(nextaddr) || + IN6_IS_ADDR_UNSPECIFIED(nextaddr) || + IN6_IS_ADDR_V4MAPPED(nextaddr) || + IN6_IS_ADDR_V4COMPAT(nextaddr)) { + ip6stat.ip6s_badoptions++; + goto bad; + } + + if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || + IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst) || + IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst) || + IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { + ip6stat.ip6s_badoptions++; + goto bad; + } + + /* + * determine the scope zone of the next hop, based on the interface + * of the current hop. [RFC4007, Section 9] + * Then disambiguate the scope zone for the next hop (if necessary). + */ + if ((ifa = ip6_getdstifaddr(m)) == NULL) + goto bad; + #if 0 + if (in6_setscope(nextaddr, ifa->ia_ifp, NULL) != 0) { + ip6stat.ip6s_badscope++; + goto bad; + } + #endif + + /* Check BUL xxx */ + + /* + * Swap the IPv6 destination address and nextaddr. Forward the packet. + */ + tmpaddr = *nextaddr; + *nextaddr = ip6->ip6_dst; + in6_clearscope(nextaddr); /* XXX */ + ip6->ip6_dst = tmpaddr; + + ip6_forward(m, 1, 0/*XXX*/); + + return (-1); /* m would be freed in ip6_forward() */ + + bad: + m_freem(m); + return (-1); + + } + #endif /* defined(MIP6) && NMIP > 0 */ Index: xnu/bsd/netkey/.prepare diff -c /dev/null xnu/bsd/netkey/.prepare:1.1.20.1 *** /dev/null Mon Apr 30 16:58:30 2007 --- xnu/bsd/netkey/.prepare Sun Apr 29 06:59:46 2007 *************** *** 0 **** --- 1,9 ---- + exclude key.c + exclude key.h + exclude key_debug.c + exclude key_debug.h + exclude key_var.h + exclude keydb.c + exclude keydb.h + exclude keysock.c + exclude keysock.h Index: xnu/bsd/netkey/key.c diff -c xnu/bsd/netkey/key.c:1.1.1.6 xnu/bsd/netkey/key.c:1.1.1.6.2.1 *** xnu/bsd/netkey/key.c:1.1.1.6 Sun Apr 29 06:41:04 2007 --- xnu/bsd/netkey/key.c Sun Apr 29 06:59:46 2007 *************** *** 105,110 **** --- 105,121 ---- /* randomness */ #include + #ifdef MIP6 + #include + #include + #if 0 + #include "mip.h" + #if NMIP > 0 + #include + #endif /* NMIP > 0*/ + #endif + #endif /* MIP6 */ + #include #ifndef satosin *************** *** 6434,6440 **** if (mhp->msg->sadb_msg_satype >= sizeof(regtree)/sizeof(regtree[0])) return key_senderror(so, m, EINVAL); ! /* When SATYPE_UNSPEC is specified, only return sabd_supported. */ if (mhp->msg->sadb_msg_satype == SADB_SATYPE_UNSPEC) goto setmsg; --- 6445,6451 ---- if (mhp->msg->sadb_msg_satype >= sizeof(regtree)/sizeof(regtree[0])) return key_senderror(so, m, EINVAL); ! /* When SATYPE_UNSP§EC is specified, only return sabd_supported. */ if (mhp->msg->sadb_msg_satype == SADB_SATYPE_UNSPEC) goto setmsg; *************** *** 7737,7739 **** --- 7748,8193 ---- return m; } + + #ifdef MIP6 + #if NMIP > 0 + void + key_mip6_update_mobile_node_ipsecdb(haddr, ocoa, ncoa, haaddr) + struct sockaddr_in6 *haddr; + struct sockaddr_in6 *ocoa; /* not used. may be NULL. */ + struct sockaddr_in6 *ncoa; + struct sockaddr_in6 *haaddr; + { + struct secpolicy *sp; + struct secpolicyindex *spidx; + struct ipsecrequest *isr; + struct secashead *sa; + struct secasindex *sahint; + struct mbuf *m; + struct sockaddr_in6 sin6; + + LIST_FOREACH(sp, &sptree[IPSEC_DIR_INBOUND], chain) { + /* check if we have a valid spidx. */ + if ((spidx = &sp->spidx) == NULL) + continue; + /* check addresses. */ + if (!IN6_ARE_ADDR_EQUAL(&sa6_any.sin6_addr, + &((struct sockaddr_in6 *)&spidx->src)->sin6_addr)) + continue; + if (!IN6_ARE_ADDR_EQUAL(&haddr->sin6_addr, + &((struct sockaddr_in6 *)&spidx->dst)->sin6_addr)) + continue; + /* check if the SP has a SA hint. */ + isr = sp->req; + if (isr == NULL) + continue; + sahint = &isr->saidx; + if (sahint == NULL) + continue; + + /* update SA entries from a home agent to a mobile node. */ + LIST_FOREACH(sa, &sahtree, chain) { + if (!IN6_ARE_ADDR_EQUAL(&haaddr->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.src)->sin6_addr)) + continue; + /* XXX don't check the old CoA. instead, we use a uniqid. + if (!IN6_ARE_ADDR_EQUAL(&ocoa->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.dst)->sin6_addr)) + continue; + */ + if (sa->saidx.mode != IPSEC_MODE_TUNNEL) + continue; + if (sa->saidx.reqid == 0) + continue; + if (sa->saidx.reqid != sahint->reqid) + continue; + + /* found. */ + *(struct sockaddr_in6 *)&(sa->saidx.dst) = *ncoa; + + /* free a cached route for the destination of + the SA to update. */ + if (sa->sa_route.ro_rt) { + RTFREE(sa->sa_route.ro_rt); + sa->sa_route.ro_rt = NULL; + } + } + /* update the tunnel endpoint of a mobile node side. */ + sin6 = *(struct sockaddr_in6 *)(&sahint->dst); + *(struct sockaddr_in6 *)(&sahint->dst) = *ncoa; + + #if 0 + if (mip6ctl_use_migrate) { + m = key_setmigrate(sp, (struct sockaddr *)haaddr, + (struct sockaddr *)&sin6, isr, 0, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_mobile_node_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_MIGRATE in INBOUND processing.\n")); + continue; + } + } else + #endif + { + /* announce the update. */ + m = key_setdumpsp(sp, SADB_X_SPDUPDATE, 0, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_mobile_node_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_SPDUPDATE in INBOUND processing.\n")); + continue; + } + } + key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED); + } + + /* update outbound data. */ + LIST_FOREACH(sp, &sptree[IPSEC_DIR_OUTBOUND], chain) { + /* check if we have a valid spidx. */ + if ((spidx = &sp->spidx) == NULL) + continue; + /* check addresses. */ + if (!IN6_ARE_ADDR_EQUAL(&haddr->sin6_addr, + &((struct sockaddr_in6 *)&spidx->src)->sin6_addr)) + continue; + if (!IN6_ARE_ADDR_EQUAL(&sa6_any.sin6_addr, + &((struct sockaddr_in6 *)&spidx->dst)->sin6_addr)) + continue; + /* check if the SP has a SA hint. */ + isr = sp->req; + if (isr == NULL) + continue; + sahint = &isr->saidx; + if (sahint == NULL) + continue; + + /* update SA entries from a mobile node to a home agent. */ + LIST_FOREACH(sa, &sahtree, chain) { + /* XXX don't check the old CoA. instead, we use uniqid. + if (!IN6_ARE_ADDR_EQUAL(&ocoa->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.src)->sin6_addr)) + continue; + */ + if (!IN6_ARE_ADDR_EQUAL(&haaddr->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.dst)->sin6_addr)) + continue; + if (sa->saidx.mode != IPSEC_MODE_TUNNEL) + continue; + if (sa->saidx.reqid == 0) + continue; + if (sa->saidx.reqid != sahint->reqid) + continue; + + /* found. */ + *(struct sockaddr_in6 *)&(sa->saidx.src) = *ncoa; + } + /* update the tunnel endpoint of a mobile node side. */ + sin6 = *(struct sockaddr_in6 *)(&sahint->src); + *(struct sockaddr_in6 *)(&sahint->src) = *ncoa; + + #if 0 + if (mip6ctl_use_migrate) { + m = key_setmigrate(sp, (struct sockaddr *)&sin6, + (struct sockaddr *)haaddr, isr, 1, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_mobile_node_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_MIGRATE in OUTBOUND processing.\n")); + continue; + } + } else + #endif + { + /* announce the update. */ + m = key_setdumpsp(sp, SADB_X_SPDUPDATE, 1, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_mobile_node_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_SPDUPDATE in OUTBOUND processing.\n")); + continue; + } + } + key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED); + } + } + #endif /* NMIP > 0 */ + + void + key_mip6_update_home_agent_ipsecdb(haddr, ocoa, ncoa, haaddr) + struct sockaddr_in6 *haddr; + struct sockaddr_in6 *ocoa; + struct sockaddr_in6 *ncoa; + struct sockaddr_in6 *haaddr; + { + struct secpolicy *sp; + struct secpolicyindex *spidx; + struct ipsecrequest *isr; + struct secashead *sa; + struct secasindex *sahint; + struct mbuf *m; + struct sockaddr_in6 sin6; + + /* update outbound data. */ + LIST_FOREACH(sp, &sptree[IPSEC_DIR_INBOUND], chain) { + /* check if we have a valid spidx. */ + if ((spidx = &sp->spidx) == NULL) + continue; + /* check addresses. */ + if (!IN6_ARE_ADDR_EQUAL(&haddr->sin6_addr, + &((struct sockaddr_in6 *)&spidx->src)->sin6_addr)) + continue; + if (!IN6_ARE_ADDR_EQUAL(&sa6_any.sin6_addr, + &((struct sockaddr_in6 *)&spidx->dst)->sin6_addr)) + continue; + /* check if we have a SA hint. */ + isr = sp->req; + if (isr == NULL) + continue; + sahint = &isr->saidx; + if (sahint == NULL) + continue; + + /* update SA entries from a mobile node to a home agent. */ + LIST_FOREACH(sa, &sahtree, chain) { + /* XXX don't check the old CoA. instead we use a uniqid. + if (!IN6_ARE_ADDR_EQUAL(&ocoa->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.src)->sin6_addr)) + continue; + */ + if (!IN6_ARE_ADDR_EQUAL(&haaddr->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.dst)->sin6_addr)) + continue; + if (sa->saidx.mode != IPSEC_MODE_TUNNEL) + continue; + if (sa->saidx.reqid == 0) + continue; + if (sa->saidx.reqid != sahint->reqid) + continue; + + /* found. */ + *(struct sockaddr_in6 *)&(sa->saidx.src) = *ncoa; + } + /* update a tunnel endpoint of a mobile node side. */ + sin6 = *(struct sockaddr_in6 *)(&sahint->src); + *(struct sockaddr_in6 *)(&sahint->src) = *ncoa; + + #if 0 + if (mip6ctl_use_migrate) { + m = key_setmigrate(sp, (struct sockaddr *)&sin6, + (struct sockaddr *)haaddr, isr, 0, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_home_agent_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_MIGRATE in INBOUND processing.\n")); + continue; + } + } else + #endif + { + /* announce the update */ + m = key_setdumpsp(sp, SADB_X_SPDUPDATE, 0, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_home_agent_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_SPDUPDATE in INBOUND processing.\n")); + continue; + } + } + key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED); + } + + /* update outbound data. */ + LIST_FOREACH(sp, &sptree[IPSEC_DIR_OUTBOUND], chain) { + /* check if we have a valid spidx. */ + if ((spidx = &sp->spidx) == NULL) + continue; + /* check addresses. */ + if (!IN6_ARE_ADDR_EQUAL(&sa6_any.sin6_addr, + &((struct sockaddr_in6 *)&spidx->src)->sin6_addr)) + continue; + if (!IN6_ARE_ADDR_EQUAL(&haddr->sin6_addr, + &((struct sockaddr_in6 *)&spidx->dst)->sin6_addr)) + continue; + /* check if we have a SA hint. */ + isr = sp->req; + if (isr == NULL) + continue; + sahint = &isr->saidx; + if (sahint == NULL) + continue; + + /* update SA entries from a home agent to a mobile node. */ + LIST_FOREACH(sa, &sahtree, chain) { + if (!IN6_ARE_ADDR_EQUAL(&haaddr->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.src)->sin6_addr)) + continue; + /* XXX don't check the old CoA. instead, we use a uniqid. + if (!IN6_ARE_ADDR_EQUAL(&ocoa->sin6_addr, + &((struct sockaddr_in6 *)&sa->saidx.dst)->sin6_addr)) + continue; + */ + if (sa->saidx.mode != IPSEC_MODE_TUNNEL) + continue; + if (sa->saidx.reqid == 0) + continue; + if (sa->saidx.reqid != sahint->reqid) + continue; + + /* found. */ + *(struct sockaddr_in6 *)&(sa->saidx.dst) = *ncoa; + /* free the cached route for the destination of + the SA to update. */ + if (sa->sa_route.ro_rt) { + RTFREE(sa->sa_route.ro_rt); + sa->sa_route.ro_rt = NULL; + } + } + /* update a tunnel endpoint of a mobile node side. */ + sin6 = *(struct sockaddr_in6 *)(&sahint->dst); + *(struct sockaddr_in6 *)(&sahint->dst) = *ncoa; + + #if 0 + if (mip6ctl_use_migrate) { + m = key_setmigrate(sp, (struct sockaddr *)haaddr, + (struct sockaddr *)&sin6, isr, 1, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_home_agent_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_MIGRATE in INBOUND processing.\n")); + continue; + } + } else + #endif + { + /* announce the update */ + m = key_setdumpsp(sp, SADB_X_SPDUPDATE, 1, 0); + if (m == NULL) { + mip6log((LOG_ERR, + "key_mip6_update_home_agent_ipsecdb: " + "failed to allocate a mbuf for " + "SADB_X_SPDUPDATE in OUTBOUND processing.\n")); + continue; + } + } + key_sendup_mbuf(NULL, m, KEY_SENDUP_REGISTERED); + } + } + + static struct mbuf * + key_setmigrate(sp, oldsrc, olddst, isr, seq, pid) + struct secpolicy *sp; + struct sockaddr *oldsrc; + struct sockaddr *olddst; + struct ipsecrequest *isr; + u_int32_t seq, pid; + { + struct mbuf *result = NULL, *m; + struct sadb_x_policy *xpl; + int xpllen; + caddr_t p; + struct sadb_x_ipsecrequest *xisr; + + + m = key_setsadbmsg(SADB_X_MIGRATE, 0, SADB_SATYPE_UNSPEC, seq, pid, + sp->refcnt); + if (m == NULL) + goto fail; + result = m; + + if (/*sp->spidx*/1) { + m = key_setsadbaddr(SADB_EXT_ADDRESS_SRC, + (struct sockaddr *)&sp->spidx.src, sp->spidx.prefs, + sp->spidx.ul_proto); + if (m == NULL) + goto fail; + m_cat(result, m); + + m = key_setsadbaddr(SADB_EXT_ADDRESS_DST, + (struct sockaddr *)&sp->spidx.dst, sp->spidx.prefd, + sp->spidx.ul_proto); + if (m == NULL) + goto fail; + m_cat(result, m); + } else + goto fail; + + xpllen = sizeof(struct sadb_x_policy) + + PFKEY_ALIGN8(sizeof(struct sadb_x_ipsecrequest) + + oldsrc->sa_len * 2) * 2; + + m = key_alloc_mbuf(xpllen); + if (m == NULL) + goto fail; + xpl = mtod(m, struct sadb_x_policy *); + bzero(xpl, xpllen); + xpl->sadb_x_policy_len = PFKEY_UNIT64(xpllen); + xpl->sadb_x_policy_exttype = SADB_X_EXT_POLICY; + xpl->sadb_x_policy_type = sp->policy; + #if 0 + xpl->sadb_x_policy_dir = sp->dir; + #endif + xpl->sadb_x_policy_id = sp->id; + p = (caddr_t)xpl + sizeof(struct sadb_x_policy); + + xisr = (struct sadb_x_ipsecrequest *)p; + xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto; + xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode; + xisr->sadb_x_ipsecrequest_level = isr->level; + xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid; + p += sizeof(struct sadb_x_ipsecrequest); + bcopy(oldsrc, p, oldsrc->sa_len); + p += oldsrc->sa_len; + bcopy(olddst, p, olddst->sa_len); + p += olddst->sa_len; + + xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8( + sizeof(struct sadb_x_ipsecrequest) + oldsrc->sa_len + + olddst->sa_len); + + xisr = (struct sadb_x_ipsecrequest *)p; + xisr->sadb_x_ipsecrequest_proto = isr->saidx.proto; + xisr->sadb_x_ipsecrequest_mode = isr->saidx.mode; + xisr->sadb_x_ipsecrequest_level = isr->level; + xisr->sadb_x_ipsecrequest_reqid = isr->saidx.reqid; + p += sizeof(struct sadb_x_ipsecrequest); + bcopy(&isr->saidx.src, p, isr->saidx.src.ss_len); + p += isr->saidx.src.ss_len; + bcopy(&isr->saidx.dst, p, isr->saidx.dst.ss_len); + p += isr->saidx.dst.ss_len; + + xisr->sadb_x_ipsecrequest_len = PFKEY_ALIGN8( + sizeof(struct sadb_x_ipsecrequest) + isr->saidx.src.ss_len + + isr->saidx.dst.ss_len); + + m_cat(result, m); + + if ((result->m_flags & M_PKTHDR) == 0) + goto fail; + + if (result->m_len < sizeof(struct sadb_msg)) { + result = m_pullup(result, sizeof(struct sadb_msg)); + if (result == NULL) + goto fail; + } + + result->m_pkthdr.len = 0; + for (m = result; m; m = m->m_next) + result->m_pkthdr.len += m->m_len; + + mtod(result, struct sadb_msg *)->sadb_msg_len = + PFKEY_UNIT64(result->m_pkthdr.len); + + return(result); + + fail: + m_freem(result); + return (NULL); + } + #endif /* MIP6 */ Index: xnu/bsd/netkey/key.h diff -c xnu/bsd/netkey/key.h:1.1.1.1 xnu/bsd/netkey/key.h:1.1.1.1.20.1 *** xnu/bsd/netkey/key.h:1.1.1.1 Sun Sep 18 03:53:05 2005 --- xnu/bsd/netkey/key.h Sun Apr 29 06:59:46 2007 *************** *** 71,75 **** --- 71,82 ---- extern void key_sa_routechange(struct sockaddr *); extern void key_sa_stir_iv(struct secasvar *); + #ifdef MIP6 + void key_mip6_update_mobile_node_ipsecdb(struct sockaddr_in6 *, + struct sockaddr_in6 *, struct sockaddr_in6 *, struct sockaddr_in6 *); + void key_mip6_update_home_agent_ipsecdb(struct sockaddr_in6 *, + struct sockaddr_in6 *, struct sockaddr_in6 *, struct sockaddr_in6 *); + #endif /* MIP6 */ + #endif /* KERNEL_PRIVATE */ #endif /* _NETKEY_KEY_H_ */ Index: xnu/bsd/sys/mbuf.h diff -c xnu/bsd/sys/mbuf.h:1.1.1.5 xnu/bsd/sys/mbuf.h:1.1.1.5.2.1 *** xnu/bsd/sys/mbuf.h:1.1.1.5 Sun Apr 29 06:41:15 2007 --- xnu/bsd/sys/mbuf.h Sun Apr 29 06:59:46 2007 *************** *** 567,574 **** KERNEL_TAG_TYPE_DUMMYNET = 1, KERNEL_TAG_TYPE_DIVERT = 2, KERNEL_TAG_TYPE_IPFORWARD = 3, ! KERNEL_TAG_TYPE_IPFILT = 4 }; /* * As a temporary and low impact solution to replace the even uglier --- 567,576 ---- KERNEL_TAG_TYPE_DUMMYNET = 1, KERNEL_TAG_TYPE_DIVERT = 2, KERNEL_TAG_TYPE_IPFORWARD = 3, ! KERNEL_TAG_TYPE_IPFILT = 4, ! KERNEL_TAG_TYPE_IP6 = 5 }; + #define PACKET_TAG_INET6 KERNEL_TAG_TYPE_IP6 /* * As a temporary and low impact solution to replace the even uglier *************** *** 603,608 **** --- 605,623 ---- __END_DECLS + static __inline struct m_tag * + m_tag_get(int type, int length, int wait) + { + return (m_tag_alloc(KERNEL_MODULE_TAG_ID, type, length, wait)); + } + + static __inline struct m_tag * + m_tag_find(struct mbuf *m, int type, struct m_tag *start) + { + return (SLIST_EMPTY(&m->m_pkthdr.tags) ? + NULL : m_tag_locate(m, KERNEL_MODULE_TAG_ID, type, start)); + } + #endif /* KERNEL */ #endif /* KERNEL_PRIVATE */ Index: xnu/bsd/sys/socket.h diff -c xnu/bsd/sys/socket.h:1.1.1.7 xnu/bsd/sys/socket.h:1.1.1.7.2.1 *** xnu/bsd/sys/socket.h:1.1.1.7 Sun Apr 29 06:41:16 2007 --- xnu/bsd/sys/socket.h Sun Apr 29 06:59:46 2007 *************** *** 275,281 **** #ifndef __APPLE__ #define AF_NETGRAPH 32 /* Netgraph sockets */ #endif ! #define AF_MAX 37 #endif /* !_POSIX_C_SOURCE */ /* --- 275,282 ---- #ifndef __APPLE__ #define AF_NETGRAPH 32 /* Netgraph sockets */ #endif ! #define AF_MOBILITY 37 ! #define AF_MAX 38 #endif /* !_POSIX_C_SOURCE */ /* *************** *** 375,380 **** --- 376,382 ---- #define PF_NETGRAPH AF_NETGRAPH #endif + #define PF_MOBILITY AF_MOBILITY #define PF_MAX AF_MAX /* Index: xnu/bsd/sys/sockio.h diff -c xnu/bsd/sys/sockio.h:1.1.1.5 xnu/bsd/sys/sockio.h:1.1.1.5.2.1 *** xnu/bsd/sys/sockio.h:1.1.1.5 Sun Apr 29 06:41:17 2007 --- xnu/bsd/sys/sockio.h Sun Apr 29 06:59:46 2007 *************** *** 161,167 **** --- 161,170 ---- #define SIOCIFGCLONERS _IOWR('i', 129, struct if_clonereq) /* get cloners */ #define SIOCIFGCLONERS64 _IOWR('i', 129, struct if_clonereq64) /* get cloners */ #endif KERNEL + #endif /* PRIVATE */ + #define SIOGBULIST _IOWR('i', 130, struct if_bulreq) /* get BUL */ + #ifdef PRIVATE /* * temporary control calls to attach/detach IP to/from an ethernet interface */