net.c revision 290001 
1/*
2 * Copyright (C) 2004, 2005, 2007, 2008, 2012  Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2003  Internet Software Consortium.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* $Id$ */
19
20#include <config.h>
21
22#include <sys/types.h>
23
24#if defined(HAVE_SYS_SYSCTL_H)
25#if defined(HAVE_SYS_PARAM_H)
26#include <sys/param.h>
27#endif
28#include <sys/sysctl.h>
29#endif
30
31#include <errno.h>
32#include <unistd.h>
33
34#include <isc/log.h>
35#include <isc/msgs.h>
36#include <isc/net.h>
37#include <isc/once.h>
38#include <isc/strerror.h>
39#include <isc/string.h>
40#include <isc/util.h>
41
42/*%
43 * Definitions about UDP port range specification.  This is a total mess of
44 * portability variants: some use sysctl (but the sysctl names vary), some use
45 * system-specific interfaces, some have the same interface for IPv4 and IPv6,
46 * some separate them, etc...
47 */
48
49/*%
50 * The last resort defaults: use all non well known port space
51 */
52#ifndef ISC_NET_PORTRANGELOW
53#define ISC_NET_PORTRANGELOW 1024
54#endif	/* ISC_NET_PORTRANGELOW */
55#ifndef ISC_NET_PORTRANGEHIGH
56#define ISC_NET_PORTRANGEHIGH 65535
57#endif	/* ISC_NET_PORTRANGEHIGH */
58
59#ifdef HAVE_SYSCTLBYNAME
60
61/*%
62 * sysctl variants
63 */
64#if defined(__FreeBSD__) || defined(__APPLE__) || defined(__DragonFly__)
65#define USE_SYSCTL_PORTRANGE
66#define SYSCTL_V4PORTRANGE_LOW	"net.inet.ip.portrange.hifirst"
67#define SYSCTL_V4PORTRANGE_HIGH	"net.inet.ip.portrange.hilast"
68#define SYSCTL_V6PORTRANGE_LOW	"net.inet.ip.portrange.hifirst"
69#define SYSCTL_V6PORTRANGE_HIGH	"net.inet.ip.portrange.hilast"
70#endif
71
72#ifdef __NetBSD__
73#define USE_SYSCTL_PORTRANGE
74#define SYSCTL_V4PORTRANGE_LOW	"net.inet.ip.anonportmin"
75#define SYSCTL_V4PORTRANGE_HIGH	"net.inet.ip.anonportmax"
76#define SYSCTL_V6PORTRANGE_LOW	"net.inet6.ip6.anonportmin"
77#define SYSCTL_V6PORTRANGE_HIGH	"net.inet6.ip6.anonportmax"
78#endif
79
80#else /* !HAVE_SYSCTLBYNAME */
81
82#ifdef __OpenBSD__
83#define USE_SYSCTL_PORTRANGE
84#define SYSCTL_V4PORTRANGE_LOW	{ CTL_NET, PF_INET, IPPROTO_IP, \
85				  IPCTL_IPPORT_HIFIRSTAUTO }
86#define SYSCTL_V4PORTRANGE_HIGH	{ CTL_NET, PF_INET, IPPROTO_IP, \
87				  IPCTL_IPPORT_HILASTAUTO }
88/* Same for IPv6 */
89#define SYSCTL_V6PORTRANGE_LOW	SYSCTL_V4PORTRANGE_LOW
90#define SYSCTL_V6PORTRANGE_HIGH	SYSCTL_V4PORTRANGE_HIGH
91#endif
92
93#endif /* HAVE_SYSCTLBYNAME */
94
95#if defined(ISC_PLATFORM_NEEDIN6ADDRANY)
96const struct in6_addr isc_net_in6addrany = IN6ADDR_ANY_INIT;
97#endif
98
99#if defined(ISC_PLATFORM_HAVEIPV6)
100
101# if defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK)
102const struct in6_addr isc_net_in6addrloop = IN6ADDR_LOOPBACK_INIT;
103# endif
104
105# if defined(WANT_IPV6)
106static isc_once_t 	once_ipv6only = ISC_ONCE_INIT;
107# endif
108
109# if defined(ISC_PLATFORM_HAVEIPV6) && \
110     defined(WANT_IPV6) && defined(ISC_PLATFORM_HAVEIN6PKTINFO)
111static isc_once_t 	once_ipv6pktinfo = ISC_ONCE_INIT;
112# endif
113#endif /* ISC_PLATFORM_HAVEIPV6 */
114
115static isc_once_t 	once = ISC_ONCE_INIT;
116
117static isc_result_t	ipv4_result = ISC_R_NOTFOUND;
118static isc_result_t	ipv6_result = ISC_R_NOTFOUND;
119static isc_result_t	unix_result = ISC_R_NOTFOUND;
120static isc_result_t	ipv6only_result = ISC_R_NOTFOUND;
121static isc_result_t	ipv6pktinfo_result = ISC_R_NOTFOUND;
122
123static isc_result_t
124try_proto(int domain) {
125	int s;
126	isc_result_t result = ISC_R_SUCCESS;
127	char strbuf[ISC_STRERRORSIZE];
128
129	s = socket(domain, SOCK_STREAM, 0);
130	if (s == -1) {
131		switch (errno) {
132#ifdef EAFNOSUPPORT
133		case EAFNOSUPPORT:
134#endif
135#ifdef EPROTONOSUPPORT
136		case EPROTONOSUPPORT:
137#endif
138#ifdef EINVAL
139		case EINVAL:
140#endif
141			return (ISC_R_NOTFOUND);
142		default:
143			isc__strerror(errno, strbuf, sizeof(strbuf));
144			UNEXPECTED_ERROR(__FILE__, __LINE__,
145					 "socket() %s: %s",
146					 isc_msgcat_get(isc_msgcat,
147							ISC_MSGSET_GENERAL,
148							ISC_MSG_FAILED,
149							"failed"),
150					 strbuf);
151			return (ISC_R_UNEXPECTED);
152		}
153	}
154
155#ifdef ISC_PLATFORM_HAVEIPV6
156#ifdef WANT_IPV6
157#ifdef ISC_PLATFORM_HAVEIN6PKTINFO
158	if (domain == PF_INET6) {
159		struct sockaddr_in6 sin6;
160		GETSOCKNAME_SOCKLEN_TYPE len;	/* NTP local change */
161
162		/*
163		 * Check to see if IPv6 is broken, as is common on Linux.
164		 */
165		len = sizeof(sin6);
166		if (getsockname(s, (struct sockaddr *)&sin6, &len) < 0)
167		{
168			isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
169				      ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR,
170				      "retrieving the address of an IPv6 "
171				      "socket from the kernel failed.");
172			isc_log_write(isc_lctx, ISC_LOGCATEGORY_GENERAL,
173				      ISC_LOGMODULE_SOCKET, ISC_LOG_ERROR,
174				      "IPv6 is not supported.");
175			result = ISC_R_NOTFOUND;
176		} else {
177			if (len == sizeof(struct sockaddr_in6))
178				result = ISC_R_SUCCESS;
179			else {
180				isc_log_write(isc_lctx,
181					      ISC_LOGCATEGORY_GENERAL,
182					      ISC_LOGMODULE_SOCKET,
183					      ISC_LOG_ERROR,
184					      "IPv6 structures in kernel and "
185					      "user space do not match.");
186				isc_log_write(isc_lctx,
187					      ISC_LOGCATEGORY_GENERAL,
188					      ISC_LOGMODULE_SOCKET,
189					      ISC_LOG_ERROR,
190					      "IPv6 is not supported.");
191				result = ISC_R_NOTFOUND;
192			}
193		}
194	}
195#endif
196#endif
197#endif
198
199	(void)close(s);
200
201	return (result);
202}
203
204static void
205initialize_action(void) {
206	ipv4_result = try_proto(PF_INET);
207#ifdef ISC_PLATFORM_HAVEIPV6
208#ifdef WANT_IPV6
209#ifdef ISC_PLATFORM_HAVEIN6PKTINFO
210	ipv6_result = try_proto(PF_INET6);
211#endif
212#endif
213#endif
214#ifdef ISC_PLATFORM_HAVESYSUNH
215	unix_result = try_proto(PF_UNIX);
216#endif
217}
218
219static void
220initialize(void) {
221	RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS);
222}
223
224isc_result_t
225isc_net_probeipv4(void) {
226	initialize();
227	return (ipv4_result);
228}
229
230isc_result_t
231isc_net_probeipv6(void) {
232	initialize();
233	return (ipv6_result);
234}
235
236isc_result_t
237isc_net_probeunix(void) {
238	initialize();
239	return (unix_result);
240}
241
242#ifdef ISC_PLATFORM_HAVEIPV6
243#ifdef WANT_IPV6
244static void
245try_ipv6only(void) {
246#ifdef IPV6_V6ONLY
247	int s, on;
248	char strbuf[ISC_STRERRORSIZE];
249#endif
250	isc_result_t result;
251
252	result = isc_net_probeipv6();
253	if (result != ISC_R_SUCCESS) {
254		ipv6only_result = result;
255		return;
256	}
257
258#ifndef IPV6_V6ONLY
259	ipv6only_result = ISC_R_NOTFOUND;
260	return;
261#else
262	/* check for TCP sockets */
263	s = socket(PF_INET6, SOCK_STREAM, 0);
264	if (s == -1) {
265		isc__strerror(errno, strbuf, sizeof(strbuf));
266		UNEXPECTED_ERROR(__FILE__, __LINE__,
267				 "socket() %s: %s",
268				 isc_msgcat_get(isc_msgcat,
269						ISC_MSGSET_GENERAL,
270						ISC_MSG_FAILED,
271						"failed"),
272				 strbuf);
273		ipv6only_result = ISC_R_UNEXPECTED;
274		return;
275	}
276
277	on = 1;
278	if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) {
279		ipv6only_result = ISC_R_NOTFOUND;
280		goto close;
281	}
282
283	close(s);
284
285	/* check for UDP sockets */
286	s = socket(PF_INET6, SOCK_DGRAM, 0);
287	if (s == -1) {
288		isc__strerror(errno, strbuf, sizeof(strbuf));
289		UNEXPECTED_ERROR(__FILE__, __LINE__,
290				 "socket() %s: %s",
291				 isc_msgcat_get(isc_msgcat,
292						ISC_MSGSET_GENERAL,
293						ISC_MSG_FAILED,
294						"failed"),
295				 strbuf);
296		ipv6only_result = ISC_R_UNEXPECTED;
297		return;
298	}
299
300	on = 1;
301	if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) {
302		ipv6only_result = ISC_R_NOTFOUND;
303		goto close;
304	}
305
306	ipv6only_result = ISC_R_SUCCESS;
307
308close:
309	close(s);
310	return;
311#endif /* IPV6_V6ONLY */
312}
313
314static void
315initialize_ipv6only(void) {
316	RUNTIME_CHECK(isc_once_do(&once_ipv6only,
317				  try_ipv6only) == ISC_R_SUCCESS);
318}
319
320#ifdef ISC_PLATFORM_HAVEIN6PKTINFO
321static void
322try_ipv6pktinfo(void) {
323	int s, on;
324	char strbuf[ISC_STRERRORSIZE];
325	isc_result_t result;
326	int optname;
327
328	result = isc_net_probeipv6();
329	if (result != ISC_R_SUCCESS) {
330		ipv6pktinfo_result = result;
331		return;
332	}
333
334	/* we only use this for UDP sockets */
335	s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
336	if (s == -1) {
337		isc__strerror(errno, strbuf, sizeof(strbuf));
338		UNEXPECTED_ERROR(__FILE__, __LINE__,
339				 "socket() %s: %s",
340				 isc_msgcat_get(isc_msgcat,
341						ISC_MSGSET_GENERAL,
342						ISC_MSG_FAILED,
343						"failed"),
344				 strbuf);
345		ipv6pktinfo_result = ISC_R_UNEXPECTED;
346		return;
347	}
348
349#ifdef IPV6_RECVPKTINFO
350	optname = IPV6_RECVPKTINFO;
351#else
352	optname = IPV6_PKTINFO;
353#endif
354	on = 1;
355	if (setsockopt(s, IPPROTO_IPV6, optname, &on, sizeof(on)) < 0) {
356		ipv6pktinfo_result = ISC_R_NOTFOUND;
357		goto close;
358	}
359
360	ipv6pktinfo_result = ISC_R_SUCCESS;
361
362close:
363	close(s);
364	return;
365}
366
367static void
368initialize_ipv6pktinfo(void) {
369	RUNTIME_CHECK(isc_once_do(&once_ipv6pktinfo,
370				  try_ipv6pktinfo) == ISC_R_SUCCESS);
371}
372#endif /* ISC_PLATFORM_HAVEIN6PKTINFO */
373#endif /* WANT_IPV6 */
374#endif /* ISC_PLATFORM_HAVEIPV6 */
375
376isc_result_t
377isc_net_probe_ipv6only(void) {
378#ifdef ISC_PLATFORM_HAVEIPV6
379#ifdef WANT_IPV6
380	initialize_ipv6only();
381#else
382	ipv6only_result = ISC_R_NOTFOUND;
383#endif
384#endif
385	return (ipv6only_result);
386}
387
388isc_result_t
389isc_net_probe_ipv6pktinfo(void) {
390#ifdef ISC_PLATFORM_HAVEIPV6
391#ifdef ISC_PLATFORM_HAVEIN6PKTINFO
392#ifdef WANT_IPV6
393	initialize_ipv6pktinfo();
394#else
395	ipv6pktinfo_result = ISC_R_NOTFOUND;
396#endif
397#endif
398#endif
399	return (ipv6pktinfo_result);
400}
401
402#if defined(USE_SYSCTL_PORTRANGE)
403#if defined(HAVE_SYSCTLBYNAME)
404static isc_result_t
405getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) {
406	int port_low, port_high;
407	size_t portlen;
408	const char *sysctlname_lowport, *sysctlname_hiport;
409
410	if (af == AF_INET) {
411		sysctlname_lowport = SYSCTL_V4PORTRANGE_LOW;
412		sysctlname_hiport = SYSCTL_V4PORTRANGE_HIGH;
413	} else {
414		sysctlname_lowport = SYSCTL_V6PORTRANGE_LOW;
415		sysctlname_hiport = SYSCTL_V6PORTRANGE_HIGH;
416	}
417	portlen = sizeof(portlen);
418	if (sysctlbyname(sysctlname_lowport, &port_low, &portlen,
419			 NULL, 0) < 0) {
420		return (ISC_R_FAILURE);
421	}
422	portlen = sizeof(portlen);
423	if (sysctlbyname(sysctlname_hiport, &port_high, &portlen,
424			 NULL, 0) < 0) {
425		return (ISC_R_FAILURE);
426	}
427	if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0)
428		return (ISC_R_RANGE);
429
430	*low = (in_port_t)port_low;
431	*high = (in_port_t)port_high;
432
433	return (ISC_R_SUCCESS);
434}
435#else /* !HAVE_SYSCTLBYNAME */
436static isc_result_t
437getudpportrange_sysctl(int af, in_port_t *low, in_port_t *high) {
438	int mib_lo4[4] = SYSCTL_V4PORTRANGE_LOW;
439	int mib_hi4[4] = SYSCTL_V4PORTRANGE_HIGH;
440	int mib_lo6[4] = SYSCTL_V6PORTRANGE_LOW;
441	int mib_hi6[4] = SYSCTL_V6PORTRANGE_HIGH;
442	int *mib_lo, *mib_hi, miblen;
443	int port_low, port_high;
444	size_t portlen;
445
446	if (af == AF_INET) {
447		mib_lo = mib_lo4;
448		mib_hi = mib_hi4;
449		miblen = sizeof(mib_lo4) / sizeof(mib_lo4[0]);
450	} else {
451		mib_lo = mib_lo6;
452		mib_hi = mib_hi6;
453		miblen = sizeof(mib_lo6) / sizeof(mib_lo6[0]);
454	}
455
456	portlen = sizeof(portlen);
457	if (sysctl(mib_lo, miblen, &port_low, &portlen, NULL, 0) < 0) {
458		return (ISC_R_FAILURE);
459	}
460
461	portlen = sizeof(portlen);
462	if (sysctl(mib_hi, miblen, &port_high, &portlen, NULL, 0) < 0) {
463		return (ISC_R_FAILURE);
464	}
465
466	if ((port_low & ~0xffff) != 0 || (port_high & ~0xffff) != 0)
467		return (ISC_R_RANGE);
468
469	*low = (in_port_t) port_low;
470	*high = (in_port_t) port_high;
471
472	return (ISC_R_SUCCESS);
473}
474#endif /* HAVE_SYSCTLBYNAME */
475#endif /* USE_SYSCTL_PORTRANGE */
476
477isc_result_t
478isc_net_getudpportrange(int af, in_port_t *low, in_port_t *high) {
479	int result = ISC_R_FAILURE;
480
481	REQUIRE(low != NULL && high != NULL);
482
483#if defined(USE_SYSCTL_PORTRANGE)
484	result = getudpportrange_sysctl(af, low, high);
485#else
486	UNUSED(af);
487#endif
488
489	if (result != ISC_R_SUCCESS) {
490		*low = ISC_NET_PORTRANGELOW;
491		*high = ISC_NET_PORTRANGEHIGH;
492	}
493
494	return (ISC_R_SUCCESS);	/* we currently never fail in this function */
495}
496
497void
498isc_net_disableipv4(void) {
499	initialize();
500	if (ipv4_result == ISC_R_SUCCESS)
501		ipv4_result = ISC_R_DISABLED;
502}
503
504void
505isc_net_disableipv6(void) {
506	initialize();
507	if (ipv6_result == ISC_R_SUCCESS)
508		ipv6_result = ISC_R_DISABLED;
509}
510
511void
512isc_net_enableipv4(void) {
513	initialize();
514	if (ipv4_result == ISC_R_DISABLED)
515		ipv4_result = ISC_R_SUCCESS;
516}
517
518void
519isc_net_enableipv6(void) {
520	initialize();
521	if (ipv6_result == ISC_R_DISABLED)
522		ipv6_result = ISC_R_SUCCESS;
523}
524