19  *    contributors may be used to endorse or promote products derived
81 	 * We really don't need to lock this, but I will just because it
97  * Addresses are added to VRF's (Virtual Router's). For BSD we
101  * to a VRF we lookup the ifn/ifn_index, if the ifn does
102  * not exist we create it and add it to the list of IFN's
104  * address to the list. So we look something like:
113  * point to these from its source address selection nets structure.
119  * selection pointing to the sctp_ifa, eventually the refcount
134  *  - An endpoint may add multiple VRF's to it.
182 	/* Add it to the hash table */
388  * Add an ifa to an ifn.
561 				/* easy to solve, just switch back to active */
580 				SCTPDBG(SCTP_DEBUG_PCB4, "Moving ifa %p from %s (0x%x) to %s (0x%x)\n",
586 				/* move the address over to the new ifn */
632 			/* ok to use deprecated addresses? */
767 		 * hang around in EP's that have bound specific to it until
823 sctp_does_stcb_own_this_addr(struct sctp_tcb *stcb, struct sockaddr *to)
866 					 * we have sent an asconf-add to be
871 				if (sctp_ifa->address.sa.sa_family != to->sa_family) {
882 						rsin = (struct sockaddr_in *)to;
905 						rsin6 = (struct sockaddr_in6 *)to;
947 				 * sent an asconf-add to be considered
952 			if (laddr->ifa->address.sa.sa_family != to->sa_family) {
955 			switch (to->sa_family) {
962 					rsin = (struct sockaddr_in *)to;
976 					rsin6 = (struct sockaddr_in6 *)to;
997     struct sockaddr *to, struct sctp_nets **netp, uint32_t vrf_id)
1001 	 * If we support the TCP model, then we must now dig through to see
1011 	if ((to == NULL) || (from == NULL)) {
1015 	switch (to->sa_family) {
1019 			lport = ((struct sockaddr_in *)to)->sin_port;
1029 			lport = ((struct sockaddr_in6 *)to)->sin6_port;
1043 	 * addresses match this address (to). If so we update p_ep to point
1044 	 * to this ep and return the tcb from it.
1056 		switch (to->sa_family) {
1062 				sin = (struct sockaddr_in *)to;
1076 				sin6 = (struct sockaddr_in6 *)to;
1093 		/* check to see if the ep has one of the addresses */
1108 				    to->sa_family) {
1116 						sin = (struct sockaddr_in *)to;
1130 						    to;
1159 		if (!sctp_does_stcb_own_this_addr(stcb, to)) {
1175 		if (!sctp_does_stcb_own_this_addr(stcb, to)) {
1294 		 * it's only chance is to be the first TCB in the list. If
1295 		 * it is the acceptor, then do the special_lookup to hash
1299 			/* to is peer addr, from is my addr */
1540 	 * Use my the assoc_id to find a endpoint
1714 	 * ok, not bound to all so see if we can find a EP bound to this
1827 			/* else fall through to conflict */
1854 	/* Kick out all non-listeners to the TCP hash */
1889 	 * First we check the hash table to see if someone has this port
1920 	 * I could cheat here and just cast to one of the types but we will
1940 	 * its open to bind, so this is good enough.
1961  * Find an association for an endpoint with the pointer to whom you want to
1962  * send to and the endpoint pointer. The address can be IPv4 or IPv6. We may
1963  * need to change the *to to some other struct like a mbuf...
1966 sctp_findassociation_addr_sa(struct sockaddr *from, struct sockaddr *to,
1976 			stcb = sctp_tcb_special_locate(inp_p, from, to, netp,
1979 			stcb = sctp_tcb_special_locate(&inp, from, to, netp,
1987 	inp = sctp_pcb_findep(to, 0, 1, vrf_id);
1997 	 * we now place the source address or from in the to of the find
2002 		stcb = sctp_findassociation_ep_addr(inp_p, from, netp, to,
2005 		stcb = sctp_findassociation_ep_addr(&inp, from, netp, to,
2014  * address will be used to lookup the TCB and see if one exits.
2109 sctp_findassoc_by_vtag(struct sockaddr *from, struct sockaddr *to, uint32_t vtag,
2114 	 * Use my vtag to hash. If we find it we then verify the source addr
2152 			if (sctp_does_stcb_own_this_addr(stcb, to) == 0) {
2206  * Find an association with the pointer to the inbound IP packet. This can be
2242 			 * association that is linked to an existing
2267  * if the lookup address is 0.0.0.0 or ::0, use the vtag to do the lookup
2290 		SCTPDBG(SCTP_DEBUG_INPUT3, "%s: failed to get asconf lookup addr\n",
2310 				SCTPDBG(SCTP_DEBUG_INPUT3, "%s: failed to get asconf v6 lookup addr\n",
2337 				SCTPDBG(SCTP_DEBUG_INPUT3, "%s: failed to get asconf v4 lookup addr\n",
2371  * allocate a sctp_inpcb and setup a temporary binding to a port/all
2379 	 * we get called when a new endpoint starts up. We need to allocate
2436 	/* init the small hash table we use to track asocid <-> tcb */
2506 	/* add it to the info area */
2552 	/* number of streams to pre-open on a association */
2668 	/* Its safe to access */
2674 	 * Question, do we even need to worry about the ep-hash since we
2722 	/* Now any running timers need to be adjusted. */
2819  * sctp_ifap is used to bypass normal local address validation checks.
2825 	/* bind a ep to a socket address */
2882 				 * will transmute the ip address to the
2913 				 * will transmute the ipv6 address to the
2941 	/* Setup a vrf_id to be the default for the non-bind-all case. */
2949 		/* got to be root to get at low ports */
3084 	/* ok we look clear to give out this port, so lets setup the binding */
3086 		/* binding to all addresses, so just set in the proper flags */
3126 		 * address structure to the sctp_addr_list inside the ep
3129 		 * We will need to allocate one and insert it at the head.
3131 		 * as well. It will also have to do the embed scope kame
3155 		 * first find the interface with the bound address need to
3156 		 * zero out the port to find the address! yuck! can't do
3188 		/* allow bindx() to send ASCONF's for binding changes */
3193 		/* add this address to the endpoint list */
3209 	SCTPDBG(SCTP_DEBUG_PCB1, "Main hash to bind at head:%p, bound port:%d - in tcp_pool=%d\n",
3256 		 * iterator will try to operate on inp. We need to stop that
3262 		 * iterator flag. Otherwise we set the iterator to go to the
3273 	 * Now go through and remove any single reference to our inp that
3282 			/* This one points to me is it inp specific? */
3315 	 * complete then any timer has to be stopped. Then start the actual
3381 					 * kill timer on the asoc due to it
3396 				 * to just free since the app may have done,
3398 				 * it wants the data to get across first.
3437 					 * there is nothing queued to send,
3513 	 * If there is a timer running to kill us, forget it, since it may
3514 	 * have a contest on the INP lock.. which would cause us to die ...
3617 		 * no need to free the net count, since at this point all
3719 	 * The following is redundant to the same lines in the
3726 	SCTPDBG(SCTP_DEBUG_PCB1, "Adding an address (from:%d) to the peer: ",
3733 		 * Lie and return ok, we don't want to make the association
3739 		 * been added... and we don't want to end up removing it
3885 	 * We set this to 0, the timer code knows that this means its an
4044 	 * CMT: CUC algo - set find_pseudo_cumack to TRUE (1) at beginning
4105 	/* got to have a primary set */
4111 		/* No route to current primary adopt new primary */
4144 	 * We don't allow assoc id to be one of SCTP_FUTURE_ASSOC,
4163  * allocate an association and add it to the endpoint. The caller must be
4164  * careful to add all additional addresses once they are know right away or
4187 	 * sctp_findassociation_ep_addr(ep, addr's); to make sure the
4210 		 * If its in the TCP pool, its NOT allowed to create an
4211 		 * association. The parent listener needs to call
4301 		 * If you have not performed a bind, then we need to do the
4338 	/* now that my_vtag is set, add it to the hash */
4476 		/* Try to find a confirmed primary */
4511 	 * Here we need to remove a remote address. This is quite simple, we
4514 	 * on that item. Note we do not allow it to be removed if there are
4612 			 * We only do up to the block where we can place our
4618 	/* Need to add a new block to chain */
4674  * expect that the input to this function IS a locked TCB.
4751 	/* Now the read queue needs to be cleaned up (only once) */
4774 					/* Add an end to wake them */
4818 	 * When I reach here, no others want to kill the assoc yet.. and I
4820 	 * lock exchange below to grab all the locks to do the final take
4821 	 * out. to prevent this we increment the count, which will start a
4845 		 * connected. We also include the peel'ed off ones to.
4866 	 * Make it invalid too, that way if its about to run it will abort
4904 	 * Now restop the timers to be sure this is paranoia at is finest!
4912 	/* anything on the wheel needs to be removed */
5097 			panic("no net's left alloc'ed, or list points to itself");
5172 			 * this is the only safe way to do this since
5195  * to the current endpoint (e.g. only v4 or v6 currently bound)
5198  * FIX: if we allow assoc-level bindx(), then this needs to be fixed to use
5214 	 * only want to read the sctp_flags, which is either bound-all or
5223 		 * are bound-all you still might need to obey the V4--V6
5224 		 * flags??? IMO this bound-all stuff needs to be removed!
5287  * Add the address to the endpoint local address list There is nothing to be
5288  * done if we are bound to all addresses
5300 		/* You are already bound to all. You have it already */
5349  * when we deleted an ep addr that is the only usable source address to reach
5372  * to be done if we are bound to all addresses
5382 		/* You are already bound to all. You have it already */
5419 			 * to laddr
5442  * Add the address to the TCB local address restricted list.
5453 	 * Assumes TCB is locked.. and possibly the INP. May need to
5473 	/* add to the list */
5531 	/* Queue a packet to a processor for the specified core */
5585 	/* Bind to our cpu */
5742 	 * doomed to panic anyways... add later maybe.
5854 	 * still add the ifdef to make it compile on old versions.
5861 	 * continue and free/destroy it.  While holding the lock, spin, to
5862 	 * avoid the race condition as sctp_iterator_worker() will have to
5863 	 * wait to re-acquire the lock.
5987 	 * grub through the INIT pulling addresses and loading them to the
5990 	 * with either INIT or INIT-ACK's as long as the m points to the IP
5991 	 * packet and the offset points to the beginning of the parameters.
6095 			/* It belongs to another association? */
6558 				 * with the call to
6574 	/* Now check to see if we need to purge any addresses */
6667 		/* failed to get memory for the key */
6693 			/* Must be confirmed, so queue to set */
6728 		 * We choose not to lock anything here. TCB's can't be
6900 		/* We must back down to see what the new highest is */
6916 		 * a p-d-api up. An attacker COULD send enough in to
6917 		 * initiate the PD-API and then send a bunch of stuff to
6919 		 * queue.. and then we would not get to them. But in order
6920 		 * to do this I then have to back-track and un-deliver
6922 		 * we will NOT look at the delivery queue and leave it to be
6923 		 * something to consider later. An alternative would be to
6925 		 * the data.... Or another method might be to keep track of
6933 		 * Now do we need to find a new
6946 	 * two things to occur. It may cause us to do extra work in checking
6948 	 * to SACK every datagram. This may not be a bad thing though since
7090  * Atomically add flags to the sctp_flags of an inp.

Indexes created Thu May 30 22:23:56 MDT 2024