search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
slirp: fix segv when init failed
[qemu.git] / slirp / udp.c
blob93d72247920dabe2b845d191ebd53a03dab9e2e4
1 /*
2 * Copyright (c) 1982, 1986, 1988, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * @(#)udp_usrreq.c 8.4 (Berkeley) 1/21/94
30 * udp_usrreq.c,v 1.4 1994/10/02 17:48:45 phk Exp
31 */
32
33 /*
34 * Changes and additions relating to SLiRP
35 * Copyright (c) 1995 Danny Gasparovski.
36 *
37 * Please read the file COPYRIGHT for the
38 * terms and conditions of the copyright.
39 */
40
41 #include "qemu/osdep.h"
42 #include "slirp.h"
43 #include "ip_icmp.h"
44
45 static uint8_t udp_tos(struct socket *so);
46
47 void
48 udp_init(Slirp *slirp)
49 {
50 slirp->udb.so_next = slirp->udb.so_prev = &slirp->udb;
51 slirp->udp_last_so = &slirp->udb;
52 }
53
54 void udp_cleanup(Slirp *slirp)
55 {
56 while (slirp->udb.so_next != &slirp->udb) {
57 udp_detach(slirp->udb.so_next);
58 }
59 }
60
61 /* m->m_data points at ip packet header
62 * m->m_len length ip packet
63 * ip->ip_len length data (IPDU)
64 */
65 void
66 udp_input(register struct mbuf *m, int iphlen)
67 {
68 Slirp *slirp = m->slirp;
69 register struct ip *ip;
70 register struct udphdr *uh;
71 int len;
72 struct ip save_ip;
73 struct socket *so;
74 struct sockaddr_storage lhost;
75 struct sockaddr_in *lhost4;
76
77 DEBUG_CALL("udp_input");
78 DEBUG_ARG("m = %p", m);
79 DEBUG_ARG("iphlen = %d", iphlen);
80
81 /*
82 * Strip IP options, if any; should skip this,
83 * make available to user, and use on returned packets,
84 * but we don't yet have a way to check the checksum
85 * with options still present.
86 */
87 if(iphlen > sizeof(struct ip)) {
88 ip_stripoptions(m, (struct mbuf *)0);
89 iphlen = sizeof(struct ip);
90 }
91
92 /*
93 * Get IP and UDP header together in first mbuf.
94 */
95 ip = mtod(m, struct ip *);
96 uh = (struct udphdr *)((caddr_t)ip + iphlen);
97
98 /*
99 * Make mbuf data length reflect UDP length.
100 * If not enough data to reflect UDP length, drop.
101 */
102 len = ntohs((uint16_t)uh->uh_ulen);
103
104 if (ip->ip_len != len) {
105 if (len > ip->ip_len) {
106 goto bad;
107 }
108 m_adj(m, len - ip->ip_len);
109 ip->ip_len = len;
110 }
111
112 /*
113 * Save a copy of the IP header in case we want restore it
114 * for sending an ICMP error message in response.
115 */
116 save_ip = *ip;
117 save_ip.ip_len+= iphlen; /* tcp_input subtracts this */
118
119 /*
120 * Checksum extended UDP header and data.
121 */
122 if (uh->uh_sum) {
123 memset(&((struct ipovly *)ip)->ih_mbuf, 0, sizeof(struct mbuf_ptr));
124 ((struct ipovly *)ip)->ih_x1 = 0;
125 ((struct ipovly *)ip)->ih_len = uh->uh_ulen;
126 if(cksum(m, len + sizeof(struct ip))) {
127 goto bad;
128 }
129 }
130
131 lhost.ss_family = AF_INET;
132 lhost4 = (struct sockaddr_in *) &lhost;
133 lhost4->sin_addr = ip->ip_src;
134 lhost4->sin_port = uh->uh_sport;
135
136 /*
137 * handle DHCP/BOOTP
138 */
139 if (ntohs(uh->uh_dport) == BOOTP_SERVER &&
140 (ip->ip_dst.s_addr == slirp->vhost_addr.s_addr ||
141 ip->ip_dst.s_addr == 0xffffffff)) {
142 bootp_input(m);
143 goto bad;
144 }
145
146 /*
147 * handle TFTP
148 */
149 if (ntohs(uh->uh_dport) == TFTP_SERVER &&
150 ip->ip_dst.s_addr == slirp->vhost_addr.s_addr) {
151 m->m_data += iphlen;
152 m->m_len -= iphlen;
153 tftp_input(&lhost, m);
154 m->m_data -= iphlen;
155 m->m_len += iphlen;
156 goto bad;
157 }
158
159 if (slirp->restricted) {
160 goto bad;
161 }
162
163 /*
164 * Locate pcb for datagram.
165 */
166 so = solookup(&slirp->udp_last_so, &slirp->udb, &lhost, NULL);
167
168 if (so == NULL) {
169 /*
170 * If there's no socket for this packet,
171 * create one
172 */
173 so = socreate(slirp);
174 if (!so) {
175 goto bad;
176 }
177 if (udp_attach(so, AF_INET) == -1) {
178 DEBUG_MISC((dfd," udp_attach errno = %d-%s\n",
179 errno,strerror(errno)));
180 sofree(so);
181 goto bad;
182 }
183
184 /*
185 * Setup fields
186 */
187 so->so_lfamily = AF_INET;
188 so->so_laddr = ip->ip_src;
189 so->so_lport = uh->uh_sport;
190
191 if ((so->so_iptos = udp_tos(so)) == 0)
192 so->so_iptos = ip->ip_tos;
193
194 /*
195 * XXXXX Here, check if it's in udpexec_list,
196 * and if it is, do the fork_exec() etc.
197 */
198 }
199
200 so->so_ffamily = AF_INET;
201 so->so_faddr = ip->ip_dst; /* XXX */
202 so->so_fport = uh->uh_dport; /* XXX */
203
204 iphlen += sizeof(struct udphdr);
205 m->m_len -= iphlen;
206 m->m_data += iphlen;
207
208 /*
209 * Now we sendto() the packet.
210 */
211 if(sosendto(so,m) == -1) {
212 m->m_len += iphlen;
213 m->m_data -= iphlen;
214 *ip=save_ip;
215 DEBUG_MISC((dfd,"udp tx errno = %d-%s\n",errno,strerror(errno)));
216 icmp_send_error(m, ICMP_UNREACH, ICMP_UNREACH_NET, 0,
217 strerror(errno));
218 goto bad;
219 }
220
221 m_free(so->so_m); /* used for ICMP if error on sorecvfrom */
222
223 /* restore the orig mbuf packet */
224 m->m_len += iphlen;
225 m->m_data -= iphlen;
226 *ip=save_ip;
227 so->so_m=m; /* ICMP backup */
228
229 return;
230 bad:
231 m_free(m);
232 }
233
234 int udp_output(struct socket *so, struct mbuf *m,
235 struct sockaddr_in *saddr, struct sockaddr_in *daddr,
236 int iptos)
237 {
238 register struct udpiphdr *ui;
239 int error = 0;
240
241 DEBUG_CALL("udp_output");
242 DEBUG_ARG("so = %p", so);
243 DEBUG_ARG("m = %p", m);
244 DEBUG_ARG("saddr = %lx", (long)saddr->sin_addr.s_addr);
245 DEBUG_ARG("daddr = %lx", (long)daddr->sin_addr.s_addr);
246
247 /*
248 * Adjust for header
249 */
250 m->m_data -= sizeof(struct udpiphdr);
251 m->m_len += sizeof(struct udpiphdr);
252
253 /*
254 * Fill in mbuf with extended UDP header
255 * and addresses and length put into network format.
256 */
257 ui = mtod(m, struct udpiphdr *);
258 memset(&ui->ui_i.ih_mbuf, 0 , sizeof(struct mbuf_ptr));
259 ui->ui_x1 = 0;
260 ui->ui_pr = IPPROTO_UDP;
261 ui->ui_len = htons(m->m_len - sizeof(struct ip));
262 /* XXXXX Check for from-one-location sockets, or from-any-location sockets */
263 ui->ui_src = saddr->sin_addr;
264 ui->ui_dst = daddr->sin_addr;
265 ui->ui_sport = saddr->sin_port;
266 ui->ui_dport = daddr->sin_port;
267 ui->ui_ulen = ui->ui_len;
268
269 /*
270 * Stuff checksum and output datagram.
271 */
272 ui->ui_sum = 0;
273 if ((ui->ui_sum = cksum(m, m->m_len)) == 0)
274 ui->ui_sum = 0xffff;
275 ((struct ip *)ui)->ip_len = m->m_len;
276
277 ((struct ip *)ui)->ip_ttl = IPDEFTTL;
278 ((struct ip *)ui)->ip_tos = iptos;
279
280 error = ip_output(so, m);
281
282 return (error);
283 }
284
285 int
286 udp_attach(struct socket *so, unsigned short af)
287 {
288 so->s = qemu_socket(af, SOCK_DGRAM, 0);
289 if (so->s != -1) {
290 so->so_expire = curtime + SO_EXPIRE;
291 insque(so, &so->slirp->udb);
292 }
293 return(so->s);
294 }
295
296 void
297 udp_detach(struct socket *so)
298 {
299 closesocket(so->s);
300 sofree(so);
301 }
302
303 static const struct tos_t udptos[] = {
304 {0, 53, IPTOS_LOWDELAY, 0}, /* DNS */
305 {0, 0, 0, 0}
306 };
307
308 static uint8_t
309 udp_tos(struct socket *so)
310 {
311 int i = 0;
312
313 while(udptos[i].tos) {
314 if ((udptos[i].fport && ntohs(so->so_fport) == udptos[i].fport) ||
315 (udptos[i].lport && ntohs(so->so_lport) == udptos[i].lport)) {
316 so->so_emu = udptos[i].emu;
317 return udptos[i].tos;
318 }
319 i++;
320 }
321
322 return 0;
323 }
324
325 struct socket *
326 udp_listen(Slirp *slirp, uint32_t haddr, u_int hport, uint32_t laddr,
327 u_int lport, int flags)
328 {
329 struct sockaddr_in addr;
330 struct socket *so;
331 socklen_t addrlen = sizeof(struct sockaddr_in);
332
333 so = socreate(slirp);
334 if (!so) {
335 return NULL;
336 }
337 so->s = qemu_socket(AF_INET,SOCK_DGRAM,0);
338 so->so_expire = curtime + SO_EXPIRE;
339 insque(so, &slirp->udb);
340
341 addr.sin_family = AF_INET;
342 addr.sin_addr.s_addr = haddr;
343 addr.sin_port = hport;
344
345 if (bind(so->s,(struct sockaddr *)&addr, addrlen) < 0) {
346 udp_detach(so);
347 return NULL;
348 }
349 socket_set_fast_reuse(so->s);
350
351 getsockname(so->s,(struct sockaddr *)&addr,&addrlen);
352 so->fhost.sin = addr;
353 sotranslate_accept(so);
354 so->so_lfamily = AF_INET;
355 so->so_lport = lport;
356 so->so_laddr.s_addr = laddr;
357 if (flags != SS_FACCEPTONCE)
358 so->so_expire = 0;
359
360 so->so_state &= SS_PERSISTENT_MASK;
361 so->so_state |= SS_ISFCONNECTED | flags;
362
363 return so;
364 }
QEmu