Start removing IPv6 Type 0 Routing header code.

RH0 was deprecated by RFC 5095. While most of the code had been disabled by #if 0 already, leave a bit of infrastructure for possible RH2 code and a log message under BURN_BRIDGES in case a user still tries to send RH0 packets. Reviewed by: gnn (a bit back, earlier version)
svn path=/head/; revision=189303
2009-03-03 13:12:12 +00:00 · 2009-03-03 13:12:12 +00:00 · 1263305f0c · 2020-12-20 02:59:44 +00:00
commit 1263305f0c
parent ff9e355b51
3 changed files with 26 additions and 168 deletions
--- a/sys/netinet/ip6.h
+++ b/sys/netinet/ip6.h
@ -219,7 +219,7 @@ struct ip6_rthdr {
 	/* followed by routing type specific data */
 } __packed;

-/* Type 0 Routing header */
+/* Type 0 Routing header, deprecated by RFC 5095. */
 struct ip6_rthdr0 {
 	u_int8_t  ip6r0_nxt;		/* next header */
 	u_int8_t  ip6r0_len;		/* length in units of 8 octets */
--- a/sys/netinet6/ip6_output.c
+++ b/sys/netinet6/ip6_output.c
@ -78,6 +78,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
+#include <sys/syslog.h>
 #include <sys/ucred.h>
 #include <sys/vimage.h>

@ -443,40 +444,23 @@ skip_ipsec2:;
 		struct ip6_rthdr *rh =
 			(struct ip6_rthdr *)(mtod(exthdrs.ip6e_rthdr,
 						  struct ip6_rthdr *));
-		struct ip6_rthdr0 *rh0;
-		struct in6_addr *addr;
-		struct sockaddr_in6 sa;

+		/*
+		 * While this switch may look gratuitous, leave it in
+		 * in favour of RH2 implementations, etc.
+		 */
 		switch (rh->ip6r_type) {
+#ifndef BURN_BRIDGES
 		case IPV6_RTHDR_TYPE_0:
-			 rh0 = (struct ip6_rthdr0 *)rh;
-			 addr = (struct in6_addr *)(rh0 + 1);
-
-			 /*
-			  * construct a sockaddr_in6 form of
-			  * the first hop.
-			  *
-			  * XXX: we may not have enough
-			  * information about its scope zone;
-			  * there is no standard API to pass
-			  * the information from the
-			  * application.
-			  */
-			 bzero(&sa, sizeof(sa));
-			 sa.sin6_family = AF_INET6;
-			 sa.sin6_len = sizeof(sa);
-			 sa.sin6_addr = addr[0];
-			 if ((error = sa6_embedscope(&sa,
-			     V_ip6_use_defzone)) != 0) {
-				 goto bad;
-			 }
-			 ip6->ip6_dst = sa.sin6_addr;
-			 bcopy(&addr[1], &addr[0], sizeof(struct in6_addr)
-			     * (rh0->ip6r0_segleft - 1));
-			 addr[rh0->ip6r0_segleft - 1] = finaldst;
-			 /* XXX */
-			 in6_clearscope(addr + rh0->ip6r0_segleft - 1);
-			 break;
+			/*
+			 * According to RFC 5095 we should not implement
+			 * it in any way but we may want to give the user
+			 * a hint for now.
+			 */
+			log(LOG_INFO, "[%s:%d] IPv6 Type 0 Routing Headers are "
+			    "deprecated.\n", __func__, __LINE__);
+			/* FALLTHROUGH */
+#endif
 		default:	/* is it possible? */
 			 error = EINVAL;
 			 goto bad;
--- a/sys/netinet6/route6.c
+++ b/sys/netinet6/route6.c
@ -53,12 +53,6 @@ __FBSDID("$FreeBSD$");
 #include <netinet/icmp6.h>
 #include <netinet6/vinet6.h>

-#if 0
-static int ip6_rthdr0 __P((struct mbuf *, struct ip6_hdr *,
-    struct ip6_rthdr0 *));
-
-#endif /* Disable route header processing. */
-
 /*
 * proto - is unused
 */
@ -96,38 +90,22 @@ route6_input(struct mbuf **mp, int *offp, int proto)
 	}
 #endif

+	/*
+	 * While this switch may look gratuitous, leave it in
+	 * in favour of RH2 implementations, etc.
+	 */
 	switch (rh->ip6r_type) {
-#if 0
+#ifndef BURN_BRIDGES
 	case IPV6_RTHDR_TYPE_0:
-		rhlen = (rh->ip6r_len + 1) << 3;
-#ifndef PULLDOWN_TEST
 		/*
-		 * note on option length:
-		 * due to IP6_EXTHDR_CHECK assumption, we cannot handle
-		 * very big routing header (max rhlen == 2048).
+		 * According to RFC 5095, 3.  Deprecation of RH0,
+		 * we must handle RH0 like the default (unknown
+		 * routing header type) case.
 		 */
-		IP6_EXTHDR_CHECK(m, off, rhlen, IPPROTO_DONE);
-#else
-		/*
-		 * note on option length:
-		 * maximum rhlen: 2048
-		 * max mbuf m_pulldown can handle: MCLBYTES == usually 2048
-		 * so, here we are assuming that m_pulldown can handle
-		 * rhlen == 2048 case.  this may not be a good thing to
-		 * assume - we may want to avoid pulling it up altogether.
-		 */
-		IP6_EXTHDR_GET(rh, struct ip6_rthdr *, m, off, rhlen);
-		if (rh == NULL) {
-			V_ip6stat.ip6s_tooshort++;
-			return IPPROTO_DONE;
-		}
+		/* FALLTHROUGH */
 #endif
-		if (ip6_rthdr0(m, ip6, (struct ip6_rthdr0 *)rh))
-			return (IPPROTO_DONE);
-		break;
-#endif /* Disable route header 0 */
 	default:
-		/* unknown routing type */
+		/* Unknown routing header type. */
 		if (rh->ip6r_segleft == 0) {
 			rhlen = (rh->ip6r_len + 1) << 3;
 			break;	/* Final dst. Just ignore the header. */
@ -141,107 +119,3 @@ route6_input(struct mbuf **mp, int *offp, int proto)
 	*offp += rhlen;
 	return (rh->ip6r_nxt);
 }
-
-/*
- * Type0 routing header processing
- *
- * RFC2292 backward compatibility warning: no support for strict/loose bitmap,
- * as it was dropped between RFC1883 and RFC2460.
- */
-#if 0
-static int
-ip6_rthdr0(struct mbuf *m, struct ip6_hdr *ip6, struct ip6_rthdr0 *rh0)
-{
-	INIT_VNET_INET6(curvnet);
-	int addrs, index;
-	struct in6_addr *nextaddr, tmpaddr;
-	struct in6_ifaddr *ifa;
-
-	if (rh0->ip6r0_segleft == 0)
-		return (0);
-
-	if (rh0->ip6r0_len % 2
-#ifdef COMPAT_RFC1883
-	    || rh0->ip6r0_len > 46
-#endif
-		) {
-		/*
-		 * Type 0 routing header can't contain more than 23 addresses.
-		 * RFC 2462: this limitation was removed since strict/loose
-		 * bitmap field was deleted.
-		 */
-		V_ip6stat.ip6s_badoptions++;
-		icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER,
-			    (caddr_t)&rh0->ip6r0_len - (caddr_t)ip6);
-		return (-1);
-	}
-
-	if ((addrs = rh0->ip6r0_len / 2) < rh0->ip6r0_segleft) {
-		V_ip6stat.ip6s_badoptions++;
-		icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER,
-			    (caddr_t)&rh0->ip6r0_segleft - (caddr_t)ip6);
-		return (-1);
-	}
-
-	index = addrs - rh0->ip6r0_segleft;
-	rh0->ip6r0_segleft--;
-	nextaddr = ((struct in6_addr *)(rh0 + 1)) + index;
-
-	/*
-	 * reject invalid addresses.  be proactive about malicious use of
-	 * IPv4 mapped/compat address.
-	 * XXX need more checks?
-	 */
-	if (IN6_IS_ADDR_MULTICAST(nextaddr) ||
-	    IN6_IS_ADDR_UNSPECIFIED(nextaddr) ||
-	    IN6_IS_ADDR_V4MAPPED(nextaddr) ||
-	    IN6_IS_ADDR_V4COMPAT(nextaddr)) {
-		V_ip6stat.ip6s_badoptions++;
-		m_freem(m);
-		return (-1);
-	}
-	if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
-	    IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst) ||
-	    IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst) ||
-	    IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) {
-		V_ip6stat.ip6s_badoptions++;
-		m_freem(m);
-		return (-1);
-	}
-
-	/*
-	 * Determine the scope zone of the next hop, based on the interface
-	 * of the current hop. [RFC4007, Section 9]
-	 * Then disambiguate the scope zone for the next hop (if necessary).
-	 */
-	if ((ifa = ip6_getdstifaddr(m)) == NULL)
-		goto bad;
-	if (in6_setscope(nextaddr, ifa->ia_ifp, NULL) != 0) {
-		V_ip6stat.ip6s_badscope++;
-		goto bad;
-	}
-
-	/*
-	 * Swap the IPv6 destination address and nextaddr. Forward the packet.
-	 */
-	tmpaddr = *nextaddr;
-	*nextaddr = ip6->ip6_dst;
-	in6_clearscope(nextaddr); /* XXX */
-	ip6->ip6_dst = tmpaddr;
-
-#ifdef COMPAT_RFC1883
-	if (rh0->ip6r0_slmap[index / 8] & (1 << (7 - (index % 8))))
-		ip6_forward(m, IPV6_SRCRT_NEIGHBOR);
-	else
-		ip6_forward(m, IPV6_SRCRT_NOTNEIGHBOR);
-#else
-	ip6_forward(m, 1);
-#endif
-
-	return (-1);			/* m would be freed in ip6_forward() */
-
-  bad:
-	m_freem(m);
-	return (-1);
-}
-#endif