Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

MIP6: mip6 id-18 supported (todo: L/S bit, refresh opt, BA authdata a…

…nd etc...)
  • Loading branch information...
commit c37ea764edbcf8d8b78a95ff9e62cc7afa32399a 1 parent 1e34e17
k-sugyou authored
View
17 kame/sys/netinet/icmp6.h
@@ -1,4 +1,4 @@
-/* $KAME: icmp6.h,v 1.72 2002/06/09 16:29:54 itojun Exp $ */
+/* $KAME: icmp6.h,v 1.73 2002/08/05 11:49:16 k-sugyou Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -318,22 +318,20 @@ struct ind_neighbor_advert { /* inverse neighbor advertisement */
struct ha_discov_req { /* HA Address Discovery Request */
struct icmp6_hdr ha_dreq_hdr;
-#ifdef MIP6_DRAFT13
- u_int32_t ha_dreq_reserved1;
u_int32_t ha_dreq_reserved2;
- struct in6_addr ha_dreq_home; /* MN home address */
-#endif /* MIP6_DRAFT13 */
+ u_int32_t ha_dreq_reserved3;
} __attribute__((__packed__));
#define discov_req_type ha_dreq_hdr.icmp6_type
#define discov_req_code ha_dreq_hdr.icmp6_code
#define discov_req_cksum ha_dreq_hdr.icmp6_cksum
#define discov_req_id ha_dreq_hdr.icmp6_data16[0]
+#define discov_req_reserved1 ha_dreq_hdr.icmp6_data16[1]
struct ha_discov_rep { /* HA Address Discovery Reply */
struct icmp6_hdr ha_drep_hdr;
- u_int32_t ha_drep_reserved1;
u_int32_t ha_drep_reserved2;
+ u_int32_t ha_drep_reserved3;
/* could be followed by Home Agent addresses */
} __attribute__((__packed__));
@@ -341,6 +339,7 @@ struct ha_discov_rep { /* HA Address Discovery Reply */
#define discov_rep_code ha_drep_hdr.icmp6_code
#define discov_rep_cksum ha_drep_hdr.icmp6_cksum
#define discov_rep_id ha_drep_hdr.icmp6_data16[0]
+#define discov_rep_reserved1 ha_drep_hdr.icmp6_data16[1]
struct mobile_prefix_solicit { /* Mobile Prefix Solicitation */
struct icmp6_hdr mp_sol_hdr;
@@ -349,7 +348,8 @@ struct mobile_prefix_solicit { /* Mobile Prefix Solicitation */
#define mp_sol_type mp_sol_hdr.icmp6_type
#define mp_sol_code mp_sol_hdr.icmp6_code
#define mp_sol_cksum mp_sol_hdr.icmp6_cksum
-#define mp_sol_reserved mp_sol_hdr.icmp6_data32[0]
+#define mp_sol_id mp_sol_hdr.icmp6_data16[0]
+#define mp_sol_reserved mp_sol_hdr.icmp6_data16[1]
struct mobile_prefix_advert { /* Mobile Prefix Advertisement */
struct icmp6_hdr mp_adv_hdr;
@@ -358,7 +358,8 @@ struct mobile_prefix_advert { /* Mobile Prefix Advertisement */
#define mp_adv_type mp_adv_hdr.icmp6_type
#define mp_adv_code mp_adv_hdr.icmp6_code
#define mp_adv_cksum mp_adv_hdr.icmp6_cksum
-#define mp_adv_opts mp_adv_hdr.icmp6_data8
+#define mp_adv_id mp_adv_hdr.icmp6_data16[0]
+#define mp_adv_opts mp_adv_hdr.icmp6_data16[1]
struct nd_opt_hdr { /* Neighbor discovery option header */
u_int8_t nd_opt_type;
View
75 kame/sys/netinet/ip6.h
@@ -1,4 +1,4 @@
-/* $KAME: ip6.h,v 1.31 2002/06/19 12:30:05 t-momose Exp $ */
+/* $KAME: ip6.h,v 1.32 2002/08/05 11:49:16 k-sugyou Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -300,7 +300,7 @@ struct ip6_mobility {
#define IP6M_BINDING_ERROR 0x0700
#endif /* BYTE_ORDER == LITTLE_ENDIAN */
-/* Binding Request message */
+/* Binding Refresh Request (BRR) message */
struct ip6m_binding_request {
u_int8_t ip6mr_pproto;
u_int8_t ip6mr_len;
@@ -317,7 +317,7 @@ struct ip6m_home_test_init {
u_int16_t ip6mhi_type;
u_int16_t ip6mhi_cksum;
u_int16_t ip6mhi_reserved;
- u_int32_t ip6mhi_mobile_cookie;
+ u_int8_t ip6mhi_hot_cookie[8];
/* followed by mobility options */
} __attribute__((__packed__));
@@ -328,7 +328,7 @@ struct ip6m_careof_test_init {
u_int16_t ip6mci_type;
u_int16_t ip6mci_cksum;
u_int16_t ip6mci_reserved;
- u_int32_t ip6mci_mobile_cookie;
+ u_int8_t ip6mci_cot_cookie[8];
/* followed by mobility options */
} __attribute__((__packed__));
@@ -338,11 +338,9 @@ struct ip6m_home_test {
u_int8_t ip6mh_len;
u_int16_t ip6mh_type;
u_int16_t ip6mh_cksum;
- u_int16_t ip6mh_reserved0;
u_int16_t ip6mh_nonce_index; /* idx of the CN nonce list array */
- u_int16_t ip6mh_reserved1;
- u_int32_t ip6mh_mobile_cookie;
- u_int8_t ip6mh_cookie[16]; /* K0 cookie */
+ u_int8_t ip6mh_hot_cookie[8];
+ u_int8_t ip6mh_cookie[8]; /* K0 cookie */
/* followed by mobility options */
} __attribute__((__packed__));
@@ -352,26 +350,22 @@ struct ip6m_careof_test {
u_int8_t ip6mc_len;
u_int16_t ip6mc_type;
u_int16_t ip6mc_cksum;
- u_int16_t ip6mc_reserved0;
u_int16_t ip6mc_nonce_index; /* idx of the CN nonce list array */
- u_int16_t ip6mc_reserved1;
- u_int32_t ip6mc_mobile_cookie;
- u_int8_t ip6mc_cookie[16]; /* K1 cookie */
+ u_int8_t ip6mc_cot_cookie[8];
+ u_int8_t ip6mc_cookie[8]; /* K1 cookie */
/* followed by mobility options */
} __attribute__((__packed__));
-/* Binding Update message */
+/* Binding Update (BU) message */
struct ip6m_binding_update {
u_int8_t ip6mu_pproto;
u_int8_t ip6mu_len;
u_int16_t ip6mu_type;
u_int16_t ip6mu_cksum;
- u_int8_t ip6mu_flags;
- u_int8_t ip6mu_reserved0;
u_int16_t ip6mu_seqno;
- u_int16_t ip6mu_reserved1;
- u_int32_t ip6mu_lifetime;
- struct in6_addr ip6mu_addr;
+ u_int8_t ip6mu_flags;
+ u_int8_t ip6mu_reserved;
+ u_int16_t ip6mu_lifetime;
/* followed by mobility options */
} __attribute__((__packed__));
@@ -380,54 +374,62 @@ struct ip6m_binding_update {
#define IP6MU_HOME 0x40 /* Home Registration */
#define IP6MU_SINGLE 0x20 /* Update the specified address only */
#define IP6MU_DAD 0x10 /* Perform Duplicate Address Detection */
+#define IP6MU_LINK 0x08 /* Link-Local Address Compatibility */
-/* Binding Ack message */
+/* Binding Acknowledgement (BA) message */
struct ip6m_binding_ack {
u_int8_t ip6ma_pproto;
u_int8_t ip6ma_len;
u_int16_t ip6ma_type;
u_int16_t ip6ma_cksum;
u_int8_t ip6ma_status;
- u_int8_t ip6ma_reserved0;
+ u_int8_t ip6ma_reserved;
u_int16_t ip6ma_seqno;
- u_int16_t ip6ma_reserved1;
- u_int32_t ip6ma_lifetime;
- u_int32_t ip6ma_refresh;
+ u_int16_t ip6ma_lifetime;
/* followed by mobility options */
} __attribute__((__packed__));
-/* Binding Error message */
+/* Binding Error (BE) message */
struct ip6m_binding_error {
u_int8_t ip6me_pproto;
u_int8_t ip6me_len;
u_int16_t ip6me_type;
u_int16_t ip6me_cksum;
u_int8_t ip6me_status;
- u_int8_t ip6me_reserved0;
+ u_int8_t ip6me_reserved;
struct in6_addr ip6me_addr;
/* followed by mobility options */
} __attribute__((__packed__));
/* Mobility options */
-#define IP6MOPT_PAD1 0
-#define IP6MOPT_PADN 1
-#define IP6MOPT_UID 2
-#define IP6MOPT_ALTCOA 3
-#define IP6MOPT_NONCE 4
-#define IP6MOPT_AUTHDATA 5
+struct ip6m_opt {
+ u_int8_t ip6mo_type;
+ u_int8_t ip6mo_len;
+ /* followed by option data */
+} __attribute__((__packed__));
+
+/* Mobility option type */
+#define IP6MOPT_PAD1 0 /* Pad1 */
+#define IP6MOPT_PADN 1 /* PadN */
+#define IP6MOPT_UID 2 /* Unique Identifier */
+#define IP6MOPT_ALTCOA 3 /* Alternate Care-of Address */
+#define IP6MOPT_NONCE 4 /* Nonce Indices */
+#define IP6MOPT_AUTHDATA 5 /* Binding Authorization Data */
+/* 6 reserved */
+#define IP6MOPT_REFRESH 7 /* Binding Refresh Advice */
/* Unique Identifier */
struct ip6m_opt_uid {
u_int8_t ip6mou_type;
u_int8_t ip6mou_len;
- u_int8_t ip6mou_id[2];
+ u_int8_t ip6mou_id[2]; /* Unique Identifier */
} __attribute__((__packed__));
/* Alternate Care-of Address */
struct ip6m_opt_altcoa {
u_int8_t ip6moa_type;
u_int8_t ip6moa_len;
- u_int8_t addr[16];
+ u_int8_t addr[16]; /* Alternate Care-of Address */
} __attribute__((__packed__));
/* Nonce Indices */
@@ -445,6 +447,13 @@ struct ip6m_opt_authdata {
/* followed by authenticator data */
} __attribute__((__packed__));
+/* Binding Refresh Advice */
+struct ip6m_opt_refresh {
+ u_int8_t ip6mor_type;
+ u_int8_t ip6mor_len;
+ u_int8_t ip6mor_refresh[2]; /* Refresh Interval */
+} __attribute__((__packed__));
+
/*
* Internet implementation parameters.
*/
View
214 kame/sys/netinet6/dest6.c
@@ -1,4 +1,4 @@
-/* $KAME: dest6.c,v 1.44 2002/08/02 08:15:34 k-sugyou Exp $ */
+/* $KAME: dest6.c,v 1.45 2002/08/05 11:49:16 k-sugyou Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -70,6 +70,9 @@
#endif /* MIP6 */
#ifdef MIP6
+static int dest6_swap_hao __P((struct ip6_hdr *, struct ip6aux *,
+ struct ip6_opt_home_address *));
+static int dest6_nextopt __P((struct mbuf *, int, struct ip6_opt *));
static int dest6_send_be __P((struct sockaddr_in6 *,
struct sockaddr_in6 *,
struct sockaddr_in6 *));
@@ -93,10 +96,12 @@ dest6_input(mp, offp, proto)
u_int8_t *opt;
#ifdef MIP6
struct mbuf *n;
- struct ip6_opt_home_address *haopt = NULL;
struct sockaddr_in6 *src_sa, *dst_sa, home_sa;
+ struct ip6_opt_home_address *haopt;
struct ip6aux *ip6a = NULL;
struct ip6_hdr *ip6;
+ struct mip6_bc *mbc;
+ int verified;
ip6 = mtod(m, struct ip6_hdr *);
#endif
@@ -175,44 +180,6 @@ dest6_input(mp, offp, proto)
if (scope6_check_id(&home_sa, ip6_use_defzone)
!= 0)
goto bad;
-
- /* check whether this HAO is 'verified'. */
- if (mip6_bc_list_find_withphaddr(
- &mip6_bc_list, &home_sa) != NULL) {
- /*
- * we have a corresponding binding
- * cache entry for the home address
- * includes in this HAO.
- */
- goto verified;
- }
- /* next, check if we have a ESP header. */
-#if 0
- if (dstopts->ip6d_nxt == IPPROTO_ESP) {
- /*
- * this packet is protected by ESP.
- * leave the validation to the ESP
- * processing routine.
- */
- goto verified;
- }
-#else
- goto verified;
-#endif
- /*
- * we have neither a corresponding binding
- * cache nor ESP header. we have no clue to
- * beleive this HAO is a correct one.
- */
- (void)dest6_send_be(dst_sa, src_sa, &home_sa);
- goto bad;
- verified:
-
- /* store the CoA in a aux. */
- bcopy(&ip6a->ip6a_src.sin6_addr, &ip6a->ip6a_coa,
- sizeof(ip6a->ip6a_coa));
- ip6a->ip6a_flags |= IP6A_HASEEN;
-
/*
* reject invalid home-addresses
*/
@@ -226,6 +193,27 @@ dest6_input(mp, offp, proto)
goto bad;
}
+ bcopy(&home_sa.sin6_addr, &ip6a->ip6a_coa,
+ sizeof(ip6a->ip6a_coa));
+ ip6a->ip6a_flags |= IP6A_HASEEN;
+
+ /* check whether this HAO is 'verified'. */
+ if ((mbc = mip6_bc_list_find_withphaddr(
+ &mip6_bc_list, &home_sa)) != NULL) {
+ /*
+ * we have a corresponding binding
+ * cache entry for the home address
+ * includes in this HAO.
+ */
+ if (SA6_ARE_ADDR_EQUAL(&mbc->mbc_pcoa,
+ &home_sa))
+ verified = 1;
+ }
+ /*
+ * we have neither a corresponding binding
+ * cache nor ESP header. we have no clue to
+ * beleive this HAO is a correct one.
+ */
/*
* Currently, no valid sub-options are
* defined for use in a Home Address option.
@@ -245,26 +233,8 @@ dest6_input(mp, offp, proto)
#ifdef MIP6
/* if haopt is non-NULL, we are sure we have seen fresh HA option */
- if (haopt && ip6a &&
- (ip6a->ip6a_flags & (IP6A_HASEEN | IP6A_SWAP)) == IP6A_HASEEN) {
- /* XXX should we do this at all? do it now or later? */
- /* XXX interaction with 2292bis IPV6_RECVDSTOPT */
- /* XXX interaction with ipsec - should be okay */
- /* XXX icmp6 responses is modified - which is bad */
- bcopy(haopt->ip6oh_addr, &ip6->ip6_src,
- sizeof(ip6->ip6_src));
- bcopy(haopt->ip6oh_addr, &ip6a->ip6a_src.sin6_addr,
- sizeof(ip6a->ip6a_src.sin6_addr));
- bcopy(&ip6a->ip6a_coa, haopt->ip6oh_addr,
- sizeof(haopt->ip6oh_addr));
-#if 0
- /* XXX linklocal address is (currently) not supported */
- if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src))
- ip6->ip6_src.s6_addr16[1]
- = htons(m->m_pkthdr.rcvif->if_index);
-#endif
- ip6a->ip6a_flags |= IP6A_SWAP;
- }
+ if (verified)
+ dest6_swap_hao(ip6, ip6a, haopt);
#endif /* MIP6 */
*offp = off;
@@ -276,6 +246,130 @@ dest6_input(mp, offp, proto)
}
#ifdef MIP6
+static int
+dest6_swap_hao(ip6, ip6a, haopt)
+struct ip6_hdr *ip6;
+struct ip6aux *ip6a;
+struct ip6_opt_home_address *haopt;
+{
+
+ if ((ip6a->ip6a_flags & (IP6A_HASEEN | IP6A_SWAP)) != IP6A_HASEEN)
+ return (EINVAL);
+
+ /* XXX should we do this at all? do it now or later? */
+ /* XXX interaction with 2292bis IPV6_RECVDSTOPT */
+ /* XXX interaction with ipsec - should be okay */
+ /* XXX icmp6 responses is modified - which is bad */
+ bcopy(&ip6->ip6_src, &ip6a->ip6a_coa, sizeof(ip6a->ip6a_coa));
+ bcopy(haopt->ip6oh_addr, &ip6->ip6_src, sizeof(ip6->ip6_src));
+ bcopy(haopt->ip6oh_addr, &ip6a->ip6a_src.sin6_addr,
+ sizeof(ip6a->ip6a_src.sin6_addr));
+ bcopy(&ip6a->ip6a_coa, haopt->ip6oh_addr, sizeof(haopt->ip6oh_addr));
+#if 0
+ /* XXX linklocal address is (currently) not supported */
+ if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src))
+ ip6->ip6_src.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index);
+#endif
+ ip6a->ip6a_flags |= IP6A_SWAP;
+
+ return (0);
+}
+
+static int
+dest6_nextopt(m, off, ip6o)
+ struct mbuf *m;
+ int off;
+ struct ip6_opt *ip6o;
+{
+ u_int8_t type;
+
+ if (ip6o->ip6o_type != IP6OPT_PAD1)
+ off += 2 + ip6o->ip6o_len;
+ else
+ off += 1;
+ if (m->m_pkthdr.len < off + 1)
+ return -1;
+ m_copydata(m, off, sizeof(type), (caddr_t)&type);
+
+ switch (type) {
+ case IP6OPT_PAD1:
+ ip6o->ip6o_type = type;
+ ip6o->ip6o_len = 0;
+ return off;
+ default:
+ if (m->m_pkthdr.len < off + 2)
+ return -1;
+ m_copydata(m, off, sizeof(ip6o), (caddr_t)&ip6o);
+ if (m->m_pkthdr.len < off + 2 + ip6o->ip6o_len)
+ return -1;
+ return off;
+ }
+}
+
+int
+dest6_mip6_hao(m, nxt)
+struct mbuf *m;
+int nxt;
+{
+ struct ip6_hdr *ip6;
+ struct ip6aux *ip6a;
+ struct ip6_opt ip6o;
+ struct mbuf *n;
+ struct sockaddr_in6 home_sa;
+ struct ip6_opt_home_address haopt;
+ int newoff, off, proto;
+
+ if (!MIP6_IS_MN)
+ return (0);
+ if ((nxt == IPPROTO_HOPOPTS) || (nxt == IPPROTO_DSTOPTS)) {
+ return (0);
+ }
+ n = ip6_findaux(m);
+ if (!n)
+ return (0);
+ ip6a = mtod(n, struct ip6aux *);
+
+ if ((ip6a->ip6a_flags & (IP6A_HASEEN | IP6A_SWAP)) != IP6A_HASEEN)
+ return (0);
+
+
+ ip6 = mtod(m, struct ip6_hdr *);
+ /* find home address */
+ proto = IPPROTO_IPV6;
+ while (1) {
+ int nxt;
+ newoff = ip6_nexthdr(m, off, proto, &nxt);
+ if (newoff < 0 || newoff < off)
+ return (0); /* XXX */
+ if (nxt == IPPROTO_DSTOPTS)
+ break;
+
+ off = newoff;
+ proto = nxt;
+ }
+ ip6o.ip6o_type = IP6OPT_PADN;
+ ip6o.ip6o_len = 0;
+ while (1) {
+ newoff = dest6_nextopt(m, off, &ip6o);
+ if (newoff < 0)
+ return (0); /* XXX */
+ if (ip6o.ip6o_type == IP6OPT_HOME_ADDRESS)
+ break;
+ off = newoff;
+ }
+ m_copydata(m, off, sizeof(haopt), (caddr_t)&haopt);
+
+ if (nxt == IPPROTO_AH || nxt == IPPROTO_ESP || nxt == IPPROTO_MOBILITY)
+ return dest6_swap_hao(ip6, ip6a, &haopt);
+
+ /* reject */
+ home_sa = ip6a->ip6a_src;
+ home_sa.sin6_addr = *(struct in6_addr *)haopt.ip6oh_addr;
+ dest6_send_be(&ip6a->ip6a_dst, &ip6a->ip6a_src, &home_sa);
+
+ return (-1);
+}
+
/*
* send a binding error message.
*/
View
4 kame/sys/netinet6/ip6_input.c
@@ -1,4 +1,4 @@
-/* $KAME: ip6_input.c,v 1.288 2002/07/31 09:54:18 itojun Exp $ */
+/* $KAME: ip6_input.c,v 1.289 2002/08/05 11:49:16 k-sugyou Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -1131,6 +1131,8 @@ ip6_input(m)
* headers have been processed. get from Ericsson
* code. need more consideration.
*/
+ if (dest6_mip6_hao(m, nxt) < 0)
+ goto bad;
if ((nxt != IPPROTO_HOPOPTS) && (nxt != IPPROTO_DSTOPTS) &&
(nxt != IPPROTO_ROUTING) && (nxt != IPPROTO_FRAGMENT) &&
(nxt != IPPROTO_ESP) && (nxt != IPPROTO_AH) &&
View
6 kame/sys/netinet6/ip6_var.h
@@ -1,4 +1,4 @@
-/* $KAME: ip6_var.h,v 1.99 2002/07/30 04:41:35 jinmei Exp $ */
+/* $KAME: ip6_var.h,v 1.100 2002/08/05 11:49:17 k-sugyou Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -292,7 +292,6 @@ struct ip6aux {
/* ip6.ip6_src */
struct sockaddr_in6 ip6a_src; /* source address in the IPv6 header */
-#define ip6a_home ip6a_src
struct in6_addr ip6a_coa; /* care of address of the peer */
/* ip6.ip6_dst */
@@ -473,6 +472,9 @@ int rip6_usrreq __P((struct socket *,
int, struct mbuf *, struct mbuf *, struct mbuf *, struct proc *));
int dest6_input __P((struct mbuf **, int *, int));
+#ifdef MIP6
+int dest6_mip6_hao __P((struct mbuf *, int));
+#endif
int mobility6_input __P((struct mbuf **, int *, int));
int none_input __P((struct mbuf **, int *, int));
View
50 kame/sys/netinet6/mip6.c
@@ -1,4 +1,4 @@
-/* $KAME: mip6.c,v 1.151 2002/07/30 10:50:15 k-sugyou Exp $ */
+/* $KAME: mip6.c,v 1.152 2002/08/05 11:49:17 k-sugyou Exp $ */
/*
* Copyright (C) 2001 WIDE Project. All rights reserved.
@@ -46,6 +46,8 @@
#include "opt_ipsec.h"
#endif
+#define HMACSIZE 16
+
#if defined(MIP6_ALLOW_COA_FALLBACK) && defined(MIP6_BDT)
#error "you cannot specify both MIP6_ALLOW_COA_FALLBACK and MIP6_BDT"
#endif
@@ -1746,7 +1748,7 @@ mip6_exthdr_create(m, opt, mip6opt)
goto bad;
}
}
-
+#if 0 /* I-D 18 */
if (mbu->mbu_flags & IP6MU_HOME) {
/* to my home agent. */
if (mbu->mbu_fsm_state == MIP6_BU_FSM_STATE_IDLE)
@@ -1756,7 +1758,7 @@ mip6_exthdr_create(m, opt, mip6opt)
if (mbu->mbu_fsm_state != MIP6_BU_FSM_STATE_BOUND)
goto noneed;
}
-
+#endif
/* create haddr destopt. */
error = mip6_haddr_destopt_create(&mip6opt->mip6po_haddr,
src, dst, sc);
@@ -2266,6 +2268,7 @@ mip6_add_opt2dh(opt, dh)
return pos;
}
+#if 0
#if defined(IPSEC) && !defined(__OpenBSD__)
caddr_t
mip6_add_subopt2dh(subopt, opt, dh)
@@ -2332,6 +2335,7 @@ mip6_add_subopt2dh(subopt, opt, dh)
return (subopt_pos);
}
#endif /* IPSEC && !__OpenBSD__ */
+#endif
/*
******************************************************************************
@@ -2632,12 +2636,12 @@ mip6_get_nodekey(index, nodekey)
* Check a Binding Update packet whether it is valid
*/
int
-mip6_is_valid_bu(ip6, ip6mu, ip6mulen, mopt, hoa_sa)
+mip6_is_valid_bu(ip6, ip6mu, ip6mulen, mopt, hoa_sa, coa_sa)
struct ip6_hdr *ip6;
struct ip6m_binding_update *ip6mu;
int ip6mulen;
struct mip6_mobility_options *mopt;
- struct sockaddr_in6 *hoa_sa;
+ struct sockaddr_in6 *hoa_sa, *coa_sa;
{
mip6_nonce_t home_nonce, careof_nonce;
mip6_nodekey_t home_nodekey, coa_nodekey;
@@ -2694,14 +2698,14 @@ mip6_hexdump("CN: Careof Nodekey: ", sizeof(coa_nodekey), &coa_nodekey);
#endif
/* Calculate home cookie */
- mip6_create_cookie(&ip6mu->ip6mu_addr,
+ mip6_create_cookie(&hoa_sa->sin6_addr,
&home_nodekey, &home_nonce, &home_cookie);
#ifdef RR_DBG
mip6_hexdump("CN: Home Cookie: ", sizeof(home_cookie), (u_int8_t *)&home_cookie);
#endif
/* Calculate care-of cookie */
- mip6_create_cookie(&ip6->ip6_src,
+ mip6_create_cookie(&coa_sa->sin6_addr,
&coa_nodekey, &careof_nonce, &careof_cookie);
#ifdef RR_DBG
mip6_hexdump("CN: Care-of Cookie: ", sizeof(careof_cookie), (u_int8_t *)&careof_cookie);
@@ -2717,10 +2721,10 @@ mip6_hexdump("CN: K_bu: ", sizeof(key_bu), key_bu);
ip6mu->ip6mu_cksum = 0;
/* Calculate authenticator */
hmac_init(&hmac_ctx, key_bu, sizeof(key_bu), HMAC_SHA1);
- hmac_loop(&hmac_ctx, (u_int8_t *)&ip6->ip6_src,
- sizeof(ip6->ip6_src));
+ hmac_loop(&hmac_ctx, (u_int8_t *)&coa_sa->sin6_addr,
+ sizeof(coa_sa->sin6_addr));
#ifdef RR_DBG
-mip6_hexdump("CN: Auth: ", sizeof(ip6->ip6_src), &ip6->ip6_src);
+mip6_hexdump("CN: Auth: ", sizeof(coa_sa->sin6_addr), &coa_sa->sin6_addr);
#endif
hmac_loop(&hmac_ctx, (u_int8_t *)&ip6->ip6_dst,
sizeof(ip6->ip6_dst));
@@ -2732,13 +2736,13 @@ mip6_hexdump("CN: Auth: ", sizeof(ip6->ip6_dst), &ip6->ip6_dst);
#ifdef RR_DBG
mip6_hexdump("CN: Auth: ", (u_int8_t *)mopt->mopt_auth - (u_int8_t *)ip6mu, ip6mu);
#endif
- restlen = ip6mulen - (((u_int8_t *)mopt->mopt_auth - (u_int8_t *)ip6mu) + ((struct ip6m_opt_authdata *)mopt->mopt_auth)->ip6moau_len);
+ restlen = ip6mulen - (((u_int8_t *)mopt->mopt_auth - (u_int8_t *)ip6mu) + ((struct ip6m_opt_authdata *)mopt->mopt_auth)->ip6moau_len + 2);
if (restlen > 0) {
hmac_loop(&hmac_ctx,
mopt->mopt_auth
- + ((struct ip6m_opt_authdata *)mopt->mopt_auth)->ip6moau_len, restlen);
+ + ((struct ip6m_opt_authdata *)mopt->mopt_auth)->ip6moau_len + 2, restlen);
#ifdef RR_DBG
-mip6_hexdump("CN: Auth: ", restlen, mopt->mopt_auth + ((struct ip6m_opt_authdata *)mopt->mopt_auth)->ip6moau_len);
+mip6_hexdump("CN: Auth: ", restlen, mopt->mopt_auth + ((struct ip6m_opt_authdata *)mopt->mopt_auth)->ip6moau_len + 2);
#endif
}
bzero(authdata, sizeof(authdata));
@@ -2776,18 +2780,18 @@ mip6_get_mobility_options(ip6mu, ip6mulen, mopt)
case IP6MOPT_PADN:
break;
case IP6MOPT_UID:
- check_mopt_len(4);
+ check_mopt_len(2);
valid_option = MOPT_UID;
GET_NETVAL_S(mh + 2, mopt->mopt_uid);
break;
case IP6MOPT_ALTCOA:
- check_mopt_len(18);
+ check_mopt_len(16);
valid_option = MOPT_ALTCOA;
bcopy(mh + 2, &mopt->mopt_altcoa,
sizeof(mopt->mopt_altcoa));
break;
case IP6MOPT_NONCE:
- check_mopt_len(6);
+ check_mopt_len(4);
valid_option = MOPT_NONCE_IDX;
GET_NETVAL_S(mh + 2, mopt->mopt_ho_nonce_idx);
GET_NETVAL_S(mh + 4, mopt->mopt_co_nonce_idx);
@@ -2796,6 +2800,11 @@ mip6_get_mobility_options(ip6mu, ip6mulen, mopt)
valid_option = MOPT_AUTHDATA;
mopt->mopt_auth = mh;
break;
+ case IP6MOPT_REFRESH:
+ check_mopt_len(2);
+ valid_option = MOPT_REFRESH;
+ GET_NETVAL_S(mh + 2, mopt->mopt_refresh);
+ break;
default:
/* '... MUST quietly ignore ... (6.2.1)'
mip6log((LOG_ERR,
@@ -2805,7 +2814,7 @@ mip6_get_mobility_options(ip6mu, ip6mulen, mopt)
break;
}
- mh += *(mh + 1);
+ mh += *(mh + 1) + 2;
mopt->valid_options |= valid_option;
}
@@ -2819,17 +2828,20 @@ mip6_create_cookie(addr, nodekey, nonce, cookie)
struct in6_addr *addr;
mip6_nodekey_t *nodekey;
mip6_nonce_t *nonce;
- void *cookie;
+ void *cookie; /* 64 bit */
{
/* Generatie cookie */
/* cookie = MAC_Kcn(saddr | nonce) */
HMAC_CTX hmac_ctx;
+ u_int8_t result[HMACSIZE];
hmac_init(&hmac_ctx, (u_int8_t *)nodekey,
sizeof(mip6_nodekey_t), HMAC_SHA1);
hmac_loop(&hmac_ctx, (u_int8_t *)addr, sizeof(struct in6_addr));
hmac_loop(&hmac_ctx, (u_int8_t *)nonce, sizeof(mip6_nonce_t));
- hmac_result(&hmac_ctx, (u_int8_t *)cookie);
+ hmac_result(&hmac_ctx, result);
+ /* First64 */
+ bcopy(result, cookie, 8);
}
void
View
75 kame/sys/netinet6/mip6.h
@@ -1,4 +1,4 @@
-/* $KAME: mip6.h,v 1.54 2002/06/18 07:35:15 keiichi Exp $ */
+/* $KAME: mip6.h,v 1.55 2002/08/05 11:49:17 k-sugyou Exp $ */
/*
* Copyright (C) 2001 WIDE Project. All rights reserved.
@@ -70,61 +70,28 @@ struct mip6_req {
#define MIP6_BA_INITIAL_TIMEOUT 1
#define MIP6_BA_MAX_TIMEOUT 256
-/* mobility header options type. */
-#define MIP6OPT_PAD1 0x00
-#define MIP6OPT_PADN 0x01
-#define MIP6OPT_UNIQID 0x02
-#define MIP6OPT_ALTCOA 0x03
-#define MIP6OPT_AUTHDATA 0x04
-
-/* Unique Identifier option format. */
-struct mip6_opt_uniqid {
- u_int8_t type; /* 0x02 */
- u_int8_t len; /* == 4 */
- u_int16_t id; /* Unique Identifier */
-} __attribute__ ((__packed__));
-
-/* Alternate Care-of Address option format. */
-struct mip6_opt_altcoa {
- u_int8_t type; /* 0x03 */
- u_int8_t len; /* == 18 */
- u_int8_t coa[16]; /* Alternate Care-of Address */
-} __attribute__ ((__packed__));
-
-/* Nonce Indices */
-struct mip6_opt_nonceix {
- u_int8_t type; /* 0x04 */
- u_int8_t len; /* == 6 */
- u_int16_t hoix; /* Home Nonce Index */
- u_int16_t coix; /* Care-of Nonce Index */
-} __attribute__ ((__packed__));
-
-/* Autnentication Data sub-option format. */
-struct mip6_opt_authdata {
- u_int8_t type; /* 0x05 */
- u_int8_t len; /* 2 + n */
- /* followed by Authenticator (variable length) */
-} __attribute__ ((__packed__));
-
/* Binding Ack status code. */
-#define IP6MA_STATUS_ACCEPTED 0
+#define IP6MA_STATUS_ACCEPTED 0 /* Binding Update accepted */
#define IP6MA_STATUS_ERRORBASE 128
-#define IP6MA_STATUS_UNSPECIFIED 128
-#define IP6MA_STATUS_PROHIBIT 130
-#define IP6MA_STATUS_RESOURCES 131
-#define IP6MA_STATUS_NOT_SUPPORTED 132
-#define IP6MA_STATUS_NOT_HOME_SUBNET 133
-#define IP6MA_STATUS_NOT_HOME_AGENT 137
-#define IP6MA_STATUS_DAD_FAILED 138
-#define IP6MA_STATUS_NO_SA 139
-#define IP6MA_STATUS_SEQNO_TOO_SMALL 141
-#define IP6MA_STATUS_RO_NOT_DESIRED 142
-#define IP6MA_STATUS_INVAL_AUTHENTICATOR 143
-#define IP6MA_STATUS_HOME_NONCE_EXPIRED 144
-#define IP6MA_STATUS_CAREOF_NONCE_EXPIRED 145
+#define IP6MA_STATUS_UNSPECIFIED 128 /* Reason unspecified */
+#define IP6MA_STATUS_PROHIBIT 129 /* Administratively prohibited */
+#define IP6MA_STATUS_RESOURCES 130 /* Insufficient resources */
+#define IP6MA_STATUS_NOT_SUPPORTED 131 /* ome registration not supported */
+#define IP6MA_STATUS_NOT_HOME_SUBNET 132 /* Not home subnet */
+#define IP6MA_STATUS_NOT_HOME_AGENT 133 /* Not home agent for this mobile node */
+#define IP6MA_STATUS_DAD_FAILED 134 /* Duplicate Address Detection failed */
+#define IP6MA_STATUS_SEQNO_TOO_SMALL 135 /* Sequence number out of window */
+#define IP6MA_STATUS_RO_NOT_DESIRED 136 /* Route optimization unnecessary due to low traffic */
+#define IP6MA_STATUS_INVAL_AUTHENTICATOR 137 /* Invalid authenticator */
+#define IP6MA_STATUS_HOME_NONCE_EXPIRED 138 /* Expired Home Nonce Index */
+#define IP6MA_STATUS_CAREOF_NONCE_EXPIRED 139 /* Expired Care-of Nonce Index */
/* Binding Error status code. */
-#define IP6ME_STATUS_NO_BINDING 1
-#define IP6ME_STATUS_UNKNOWN_MH_TYPE 2
-
+#define IP6ME_STATUS_NO_BINDING 1 /* Home Address destination
+ option used without a binding
+ */
+#define IP6ME_STATUS_UNKNOWN_MH_TYPE 2 /* Received message had an
+ unknown value for the MH Type
+ field
+ */
#endif /* !_MIP6_H_ */
View
17 kame/sys/netinet6/mip6_binding.c
@@ -1,4 +1,4 @@
-/* $KAME: mip6_binding.c,v 1.114 2002/08/01 11:29:12 t-momose Exp $ */
+/* $KAME: mip6_binding.c,v 1.115 2002/08/05 11:49:17 k-sugyou Exp $ */
/*
* Copyright (C) 2001 WIDE Project. All rights reserved.
@@ -226,7 +226,7 @@ mip6_bu_create(paddr, mpfx, coa, flags, sc)
struct hif_softc *sc;
{
struct mip6_bu *mbu;
- u_int32_t coa_lifetime;
+ u_int32_t coa_lifetime, cookie;
#if !(defined(__FreeBSD__) && __FreeBSD__ >= 3)
long time_second = time.tv_sec;
#endif
@@ -282,7 +282,10 @@ mip6_bu_create(paddr, mpfx, coa, flags, sc)
mbu->mbu_ackexpire = time_second + mbu->mbu_acktimeout;
mbu->mbu_hif = sc;
/* *mbu->mbu_encap = NULL; */
- mbu->mbu_mobile_cookie = arc4random();
+ cookie = arc4random();
+ bcopy(&cookie, &mbu->mbu_mobile_cookie[0], 4);
+ cookie = arc4random();
+ bcopy(&cookie, &mbu->mbu_mobile_cookie[4], 4);
return (mbu);
}
@@ -872,7 +875,7 @@ mip6_process_hurbu(haddr0, coa, flags, seqno, lifetime, haaddr)
struct sockaddr_in6 *coa;
u_int8_t flags;
u_int16_t seqno;
- u_int32_t lifetime;
+ u_int16_t lifetime;
struct sockaddr_in6 *haaddr;
{
struct mip6_bc *mbc, *mbc_next;
@@ -1078,7 +1081,7 @@ mip6_process_hrbu(haddr0, coa, flags, seqno, lifetime, haaddr)
struct sockaddr_in6 *coa;
u_int8_t flags;
u_int16_t seqno;
- u_int32_t lifetime;
+ u_int16_t lifetime;
struct sockaddr_in6 *haaddr;
{
struct nd_prefix *pr;
@@ -1857,7 +1860,7 @@ mip6_bc_register(hoa_sa, coa_sa, dst_sa, flags, seqno, lifetime)
struct sockaddr_in6 *dst_sa;
u_int16_t flags;
u_int16_t seqno;
- u_int32_t lifetime;
+ u_int16_t lifetime;
{
struct mip6_bc *mbc;
@@ -1881,7 +1884,7 @@ mip6_bc_update(mbc, coa_sa, dst_sa, flags, seqno, lifetime)
struct sockaddr_in6 *dst_sa;
u_int16_t flags;
u_int16_t seqno;
- u_int32_t lifetime;
+ u_int16_t lifetime;
{
#if !(defined(__FreeBSD__) && __FreeBSD__ >= 3)
long time_second = time.tv_sec;
View
123 kame/sys/netinet6/mip6_pktproc.c
@@ -1,4 +1,4 @@
-/* $KAME: mip6_pktproc.c,v 1.37 2002/08/02 11:27:37 t-momose Exp $ */
+/* $KAME: mip6_pktproc.c,v 1.38 2002/08/05 11:49:17 k-sugyou Exp $ */
/*
* Copyright (C) 2002 WIDE Project. All rights reserved.
@@ -85,11 +85,11 @@ extern struct mip6_prefix_list mip6_prefix_list;
static int mip6_ip6mh_create __P((struct ip6_mobility **,
struct sockaddr_in6 *,
struct sockaddr_in6 *,
- u_int32_t));
+ u_int8_t *));
static int mip6_ip6mc_create __P((struct ip6_mobility **,
struct sockaddr_in6 *,
struct sockaddr_in6 *,
- u_int32_t));
+ u_int8_t *));
static int mip6_ip6mhi_create __P((struct ip6_mobility **,
struct mip6_bu *));
static int mip6_ip6mci_create __P((struct ip6_mobility **,
@@ -140,7 +140,7 @@ mip6_ip6mhi_input(m0, ip6mhi, ip6mhilen)
}
error = mip6_ip6mh_create(&opt.ip6po_mobility, dst_sa, src_sa,
- ntohl(ip6mhi->ip6mhi_mobile_cookie));
+ ip6mhi->ip6mhi_hot_cookie);
if (error) {
mip6log((LOG_ERR,
"%s:%d: HoT creation error (%d)\n",
@@ -168,7 +168,7 @@ int
mip6_ip6mh_create(pktopt_mobility, src, dst, cookie)
struct ip6_mobility **pktopt_mobility;
struct sockaddr_in6 *src, *dst;
- u_int32_t cookie;
+ u_int8_t *cookie;
{
struct ip6m_home_test *ip6mh;
int ip6mh_size;
@@ -193,9 +193,9 @@ mip6_ip6mh_create(pktopt_mobility, src, dst, cookie)
ip6mh->ip6mh_len = ip6mh_size >> 3;
ip6mh->ip6mh_type = IP6M_HOME_TEST;
ip6mh->ip6mh_nonce_index = htons(nonce_index);
- ip6mh->ip6mh_mobile_cookie = htonl(cookie);
+ bcopy(cookie, ip6mh->ip6mh_hot_cookie, sizeof(ip6mh->ip6mh_hot_cookie));
mip6_create_cookie(&dst->sin6_addr,
- &home_nodekey, &home_nonce, &ip6mh->ip6mh_cookie);
+ &home_nodekey, &home_nonce, ip6mh->ip6mh_cookie);
/* calculate checksum. */
ip6mh->ip6mh_cksum = mip6_cksum(src, dst,
@@ -247,7 +247,7 @@ mip6_ip6mci_input(m0, ip6mci, ip6mcilen)
}
error = mip6_ip6mc_create(&opt.ip6po_mobility, dst_sa, src_sa,
- ntohl(ip6mci->ip6mci_mobile_cookie));
+ ip6mci->ip6mci_cot_cookie);
if (error) {
mip6log((LOG_ERR,
"%s:%d: HoT creation error (%d)\n",
@@ -275,7 +275,7 @@ int
mip6_ip6mc_create(pktopt_mobility, src, dst, cookie)
struct ip6_mobility **pktopt_mobility;
struct sockaddr_in6 *src, *dst;
- u_int32_t cookie;
+ u_int8_t *cookie;
{
struct ip6m_careof_test *ip6mc;
int ip6mc_size;
@@ -300,10 +300,10 @@ mip6_ip6mc_create(pktopt_mobility, src, dst, cookie)
ip6mc->ip6mc_len = ip6mc_size >> 3;
ip6mc->ip6mc_type = IP6M_CAREOF_TEST;
ip6mc->ip6mc_nonce_index = htons(nonce_index);
- ip6mc->ip6mc_mobile_cookie = htonl(cookie);
+ bcopy(cookie, ip6mc->ip6mc_cot_cookie, sizeof(ip6mc->ip6mc_cot_cookie));
mip6_create_cookie(&dst->sin6_addr,
&careof_nodekey, &careof_nonce,
- &ip6mc->ip6mc_cookie);
+ ip6mc->ip6mc_cookie);
/* calculate checksum. */
ip6mc->ip6mc_cksum = mip6_cksum(src, dst,
@@ -364,7 +364,8 @@ mip6_ip6mh_input(m, ip6mh, ip6mhlen)
}
/* check mobile cookie. */
- if (mbu->mbu_mobile_cookie != ntohl(ip6mh->ip6mh_mobile_cookie)) {
+ if (bcmp(&mbu->mbu_mobile_cookie, ip6mh->ip6mh_hot_cookie,
+ sizeof(ip6mh->ip6mh_hot_cookie)) != 0) {
mip6log((LOG_INFO,
"%s:%d: HoT mobile cookie mismatch from %s.\n",
__FILE__, __LINE__, ip6_sprintf(&src_sa->sin6_addr)));
@@ -435,7 +436,8 @@ mip6_ip6mc_input(m, ip6mc, ip6mclen)
}
/* check mobile cookie. */
- if (mbu->mbu_mobile_cookie != ntohl(ip6mc->ip6mc_mobile_cookie)) {
+ if (bcmp(&mbu->mbu_mobile_cookie, ip6mc->ip6mc_cot_cookie,
+ sizeof(ip6mc->ip6mc_cot_cookie)) != 0) {
mip6log((LOG_INFO,
"%s:%d: CoT mobile cookie mismatch from %s.\n",
__FILE__, __LINE__, ip6_sprintf(&src_sa->sin6_addr)));
@@ -470,7 +472,7 @@ mip6_ip6mu_input(m, ip6mu, ip6mulen)
u_int8_t haseen;
struct mip6_bc *mbc;
u_int16_t seqno;
- u_int32_t lifetime;
+ u_int16_t lifetime;
int error = 0;
u_int8_t bu_safe = 0; /* To accept bu always without authentication, this value is set to non-zero */
@@ -518,12 +520,18 @@ mip6_ip6mu_input(m, ip6mu, ip6mulen)
coa_sa = *src_sa;
n = ip6_findaux(m);
- if (n != NULL) {
- ip6a = mtod(n, struct ip6aux *);
- if ((ip6a->ip6a_flags & IP6A_HASEEN) != 0) {
- haseen = 1;
- coa_sa.sin6_addr = ip6a->ip6a_coa;
- }
+ if (n == NULL) {
+ m_freem(m);
+ return (EINVAL);
+ }
+ ip6a = mtod(n, struct ip6aux *);
+ if ((ip6a->ip6a_flags & IP6A_HASEEN) == 0) {
+ m_freem(m);
+ return (EINVAL);
+ }
+ if ((ip6a->ip6a_flags & IP6A_SWAP) != 0) {
+ haseen = 1;
+ coa_sa.sin6_addr = ip6a->ip6a_coa;
}
/*
@@ -544,7 +552,7 @@ mip6_ip6mu_input(m, ip6mu, ip6mulen)
bu_safe = 1;
goto accept_binding_update;
}
- if ((haseen == 0)
+ if ((haseen == 1)
&& ((ip6mu_flags & IP6MU_HOME) == 0))
goto accept_binding_update; /* Must be checked its safety
* with RR later */
@@ -560,7 +568,7 @@ mip6_ip6mu_input(m, ip6mu, ip6mulen)
hoa_sa = *src_sa;
} else {
hoa_sa = *src_sa;
- hoa_sa.sin6_addr = ip6mu->ip6mu_addr;
+ hoa_sa.sin6_addr = ip6a->ip6a_coa;
}
if ((error = mip6_get_mobility_options(ip6mu, ip6mulen, &mopt))) {
@@ -575,12 +583,12 @@ mip6_ip6mu_input(m, ip6mu, ip6mulen)
coa_sa.sin6_addr = mopt.mopt_altcoa;
seqno = ntohs(ip6mu->ip6mu_seqno);
- lifetime = ntohl(ip6mu->ip6mu_lifetime);
+ lifetime = ntohs(ip6mu->ip6mu_lifetime);
/* ip6_src and HAO has been already swapped at this point. */
mbc = mip6_bc_list_find_withphaddr(&mip6_bc_list, &hoa_sa);
if (mbc == NULL) {
- if (!bu_safe && mip6_is_valid_bu(ip6, ip6mu, ip6mulen, &mopt, &hoa_sa)) {
+ if (!bu_safe && mip6_is_valid_bu(ip6, ip6mu, ip6mulen, &mopt, &hoa_sa, &coa_sa)) {
mip6log((LOG_ERR,
"%s:%d: RR authentication was failed.\n",
__FILE__, __LINE__));
@@ -714,7 +722,7 @@ mip6_ip6ma_input(m, ip6ma, ip6malen)
struct hif_softc *sc;
struct mip6_bu *mbu;
u_int16_t seqno;
- u_int32_t lifetime;
+ u_int16_t lifetime;
#if !(defined(__FreeBSD__) && __FreeBSD__ >= 3)
long time_second = time.tv_sec;
#endif
@@ -848,13 +856,14 @@ mip6_ip6ma_input(m, ip6ma, ip6malen)
mbu->mbu_state &= ~MIP6_BU_STATE_WAITACK;
/* update lifetime and refresh time. */
- lifetime = htonl(ip6ma->ip6ma_lifetime);
+ lifetime = htons(ip6ma->ip6ma_lifetime);
if (lifetime < mbu->mbu_lifetime) {
mbu->mbu_expire -= (mbu->mbu_lifetime - lifetime);
if (mbu->mbu_expire < time_second)
mbu->mbu_expire = time_second;
}
- mbu->mbu_refresh = htonl(ip6ma->ip6ma_refresh);
+ /* XXX binding refresh advice option */
+ mbu->mbu_refresh = lifetime; /* XXX */
mbu->mbu_refexpire = time_second + mbu->mbu_refresh;
/* sanity check for overflow */
if (mbu->mbu_refexpire < time_second)
@@ -1092,7 +1101,6 @@ int
mip6_bu_send_cbu(mbu)
struct mip6_bu *mbu;
{
- struct sockaddr_in6 *busrc_sa;
struct mbuf *m;
struct ip6_pktopts opt;
int error = 0;
@@ -1103,11 +1111,7 @@ mip6_bu_send_cbu(mbu)
init_ip6pktopts(&opt);
- if (mbu->mbu_fsm_state == MIP6_BU_FSM_STATE_BOUND)
- busrc_sa = &mbu->mbu_haddr;
- else
- busrc_sa = &mbu->mbu_coa;
- m = mip6_create_ip6hdr(busrc_sa, &mbu->mbu_paddr, IPPROTO_NONE, 0);
+ m = mip6_create_ip6hdr(&mbu->mbu_haddr, &mbu->mbu_paddr, IPPROTO_NONE, 0);
if (m == NULL) {
mip6log((LOG_ERR,
"%s:%d: creating ip6hdr failed.\n", __FILE__, __LINE__));
@@ -1147,8 +1151,8 @@ mip6_bc_send_ba(src, dst, dstcoa, status, seqno, lifetime, refresh)
struct sockaddr_in6 *dstcoa;
u_int8_t status;
u_int16_t seqno;
- u_int32_t lifetime;
- u_int32_t refresh;
+ u_int16_t lifetime;
+ u_int16_t refresh;
{
struct mbuf *m;
struct ip6_pktopts opt;
@@ -1236,7 +1240,8 @@ mip6_ip6mhi_create(pktopt_mobility, mbu)
ip6mhi->ip6mhi_pproto = IPPROTO_NONE;
ip6mhi->ip6mhi_len = ip6mhi_size >> 3;
ip6mhi->ip6mhi_type = IP6M_HOME_TEST_INIT;
- ip6mhi->ip6mhi_mobile_cookie = htonl(mbu->mbu_mobile_cookie);
+ bcopy(mbu->mbu_mobile_cookie, ip6mhi->ip6mhi_hot_cookie,
+ sizeof(ip6mhi->ip6mhi_hot_cookie));
/* calculate checksum. */
ip6mhi->ip6mhi_cksum = mip6_cksum(&mbu->mbu_haddr, &mbu->mbu_paddr,
@@ -1273,7 +1278,8 @@ mip6_ip6mci_create(pktopt_mobility, mbu)
ip6mci->ip6mci_pproto = IPPROTO_NONE;
ip6mci->ip6mci_len = ip6mci_size >> 3;
ip6mci->ip6mci_type = IP6M_CAREOF_TEST_INIT;
- ip6mci->ip6mci_mobile_cookie = htonl(mbu->mbu_mobile_cookie);
+ bcopy(mbu->mbu_mobile_cookie, ip6mci->ip6mci_cot_cookie,
+ sizeof(ip6mci->ip6mci_cot_cookie));
/* calculate checksum. */
ip6mci->ip6mci_cksum = mip6_cksum(&mbu->mbu_coa, &mbu->mbu_paddr,
@@ -1299,7 +1305,6 @@ mip6_ip6mu_create(pktopt_mobility, src, dst, sc)
int bu_size, nonce_size, auth_size;
struct mip6_bu *mbu, *hrmbu;
int need_rr = 0;
- struct sockaddr_in6 *busrc_sa;
HMAC_CTX hmac_ctx;
u_int8_t key_bu[SHA1_RESULTLEN]; /* Stated as 'Kbu' in the spec */
#if !(defined(__FreeBSD__) && __FreeBSD__ >= 3)
@@ -1400,7 +1405,7 @@ printf("MN: bu_size = %d, nonce_size= %d, auth_size = %d(AUTHSIZE:%d)\n", bu_siz
*((u_int8_t *)ip6mu + sizeof(struct ip6m_binding_update))
= IP6MOPT_PADN;
*((u_int8_t *)ip6mu + sizeof(struct ip6m_binding_update) + 1)
- = bu_size - sizeof(struct ip6m_binding_update);
+ = bu_size - sizeof(struct ip6m_binding_update) - 2;
}
ip6mu->ip6mu_pproto = IPPROTO_NONE;
@@ -1443,22 +1448,18 @@ printf("MN: bu_size = %d, nonce_size= %d, auth_size = %d(AUTHSIZE:%d)\n", bu_siz
lifetime = sa_lifetime;
}
#endif /* MIP6_SYNC_SA_LIFETIME */
- mbu->mbu_lifetime = lifetime;
- mbu->mbu_expire = time_second + lifetime;
+ mbu->mbu_lifetime = (u_int16_t)lifetime;
+ mbu->mbu_expire = time_second + mbu->mbu_lifetime;
mbu->mbu_refresh = mbu->mbu_lifetime;
mbu->mbu_refexpire = time_second + mbu->mbu_refresh;
- ip6mu->ip6mu_lifetime = htonl(mbu->mbu_lifetime);
+ ip6mu->ip6mu_lifetime = htons(mbu->mbu_lifetime);
}
- ip6mu->ip6mu_addr = mbu->mbu_haddr.sin6_addr;
- in6_clearscope(&ip6mu->ip6mu_addr);
-
- busrc_sa = src;
if (need_rr) {
/* nonce indices and authdata insersion. */
/* Nonce Indicies */
mopt_nonce->ip6mon_type = IP6MOPT_NONCE;
- mopt_nonce->ip6mon_len = sizeof(struct ip6m_opt_nonce);
+ mopt_nonce->ip6mon_len = sizeof(struct ip6m_opt_nonce) - 2;
SET_NETVAL_S(&mopt_nonce->ip6mon_home_nonce_index,
mbu->mbu_home_nonce_index);
SET_NETVAL_S(&mopt_nonce->ip6mon_careof_nonce_index,
@@ -1466,7 +1467,7 @@ printf("MN: bu_size = %d, nonce_size= %d, auth_size = %d(AUTHSIZE:%d)\n", bu_siz
/* Auth. data */
mopt_auth->ip6moau_type = IP6MOPT_AUTHDATA;
- mopt_auth->ip6moau_len = AUTH_SIZE;
+ mopt_auth->ip6moau_len = AUTH_SIZE - 2;
#ifdef RR_DBG
mip6_hexdump("MN: Home Cookie: ", sizeof(mbu->mbu_home_cookie), (caddr_t)&mbu->mbu_home_cookie);
@@ -1478,16 +1479,11 @@ mip6_hexdump("MN: Care-of Cookie: ", sizeof(mbu->mbu_careof_cookie), (caddr_t)&m
mip6_hexdump("MN: K_bu: ", sizeof(key_bu), key_bu);
#endif
- if (mbu->mbu_fsm_state == MIP6_BU_FSM_STATE_BOUND)
- busrc_sa = &mbu->mbu_haddr;
- else
- busrc_sa = &mbu->mbu_coa;
-
/* Calculate authenticator (5.5.6) */
/* MAC_Kbu(coa, | cn | BU) */
hmac_init(&hmac_ctx, key_bu, sizeof(key_bu), HMAC_SHA1);
- hmac_loop(&hmac_ctx, (u_int8_t *)&busrc_sa->sin6_addr,
- sizeof(busrc_sa->sin6_addr));
+ hmac_loop(&hmac_ctx, (u_int8_t *)&mbu->mbu_coa.sin6_addr,
+ sizeof(mbu->mbu_coa.sin6_addr));
#ifdef RR_DBG
mip6_hexdump("MN: Auth: ", sizeof(mbu->mbu_coa.sin6_addr), &mbu->mbu_coa.sin6_addr);
#endif
@@ -1506,7 +1502,7 @@ mip6_hexdump("MN: Auth: ", bu_size + nonce_size, ip6mu);
*((u_int8_t *)ip6mu + bu_size + nonce_size + AUTH_SIZE)
= IP6MOPT_PADN;
*((u_int8_t *)ip6mu + bu_size + nonce_size + AUTH_SIZE + 1)
- = auth_size - AUTH_SIZE;
+ = auth_size - AUTH_SIZE - 2;
hmac_loop(&hmac_ctx,
(u_int8_t *)ip6mu + bu_size + nonce_size
+ AUTH_SIZE, auth_size - AUTH_SIZE);
@@ -1521,7 +1517,7 @@ mip6_hexdump("MN: Authdata: ", SHA1_RESULTLEN, (u_int8_t *)(mopt_auth + 1));
}
/* calculate checksum. */
- ip6mu->ip6mu_cksum = mip6_cksum(busrc_sa, dst, ip6mu_size,
+ ip6mu->ip6mu_cksum = mip6_cksum(&mbu->mbu_haddr, dst, ip6mu_size,
IPPROTO_MOBILITY, (char *)ip6mu);
*pktopt_mobility = (struct ip6_mobility *)ip6mu;
@@ -1539,8 +1535,8 @@ mip6_ip6ma_create(pktopt_mobility, src, dst, status, seqno, lifetime, refresh)
struct sockaddr_in6 *dst;
u_int8_t status;
u_int16_t seqno;
- u_int32_t lifetime;
- u_int32_t refresh;
+ u_int16_t lifetime;
+ u_int16_t refresh;
{
struct ip6m_binding_ack *ip6ma;
int ip6ma_size, pad;
@@ -1562,16 +1558,17 @@ mip6_ip6ma_create(pktopt_mobility, src, dst, status, seqno, lifetime, refresh)
ip6ma->ip6ma_type = IP6M_BINDING_ACK;
ip6ma->ip6ma_status = status;
ip6ma->ip6ma_seqno = htons(seqno);
- ip6ma->ip6ma_lifetime = htonl(lifetime);
- ip6ma->ip6ma_refresh = htonl(refresh);
+ ip6ma->ip6ma_lifetime = htons(lifetime);
+
+ /* XXX binding refresh advice option */
/* XXX authorization data processing. */
/* XXX padN */
if (pad > 1) {
u_char *p = ((u_char *)ip6ma) + ip6ma_size - pad;
- *p++ = MIP6OPT_PADN;
- *p = pad;
+ *p++ = IP6MOPT_PADN;
+ *p = pad - 2;
}
/* calculate checksum. */
View
43 kame/sys/netinet6/mip6_var.h
@@ -1,4 +1,4 @@
-/* $KAME: mip6_var.h,v 1.44 2002/07/29 09:40:33 t-momose Exp $ */
+/* $KAME: mip6_var.h,v 1.45 2002/08/05 11:49:18 k-sugyou Exp $ */
/*
* Copyright (C) 2001 WIDE Project. All rights reserved.
@@ -51,14 +51,16 @@
bcopy(&s, (p), sizeof(s)); \
} while (0)
-#define HOME_COOKIE_SIZE 16
-#define CAREOF_COOKIE_SIZE 16
-#define MIP6_NONCE_SIZE 16 /* recommended by the spec (5.5.2) */
+#define MIP6_COOKIE_SIZE 8
+#define HOME_COOKIE_SIZE 8
+#define CAREOF_COOKIE_SIZE 8
+#define MIP6_NONCE_SIZE 8 /* recommended by the spec (5.2.2) */
/* must be multiple of size of u_short */
-#define MIP6_NODEKEY_SIZE 20 /* This size is specified at 5.5.1 in mip6 spec */
+#define MIP6_NODEKEY_SIZE 20 /* This size is specified at 5.2.1 in mip6 spec */
#define MIP6_NONCE_HISTORY 32
typedef u_int8_t mip6_nonce_t[MIP6_NONCE_SIZE];
typedef u_int8_t mip6_nodekey_t[MIP6_NODEKEY_SIZE];
+typedef u_int8_t mip6_cookie_t[MIP6_COOKIE_SIZE];
typedef u_int8_t mip6_home_cookie_t[HOME_COOKIE_SIZE];
typedef u_int8_t mip6_careof_cookie_t[CAREOF_COOKIE_SIZE];
@@ -134,15 +136,15 @@ struct mip6_bu {
struct sockaddr_in6 mbu_paddr; /* peer addr of this BU */
struct sockaddr_in6 mbu_haddr; /* HoA */
struct sockaddr_in6 mbu_coa; /* CoA */
- u_int32_t mbu_lifetime; /* BU lifetime */
+ u_int16_t mbu_lifetime; /* BU lifetime */
time_t mbu_expire; /* expiration time of this BU. */
- u_int32_t mbu_refresh; /* refresh frequency */
+ u_int16_t mbu_refresh; /* refresh frequency */
time_t mbu_refexpire; /* expiration time of refresh. */
u_int32_t mbu_acktimeout; /* current ack timo value */
time_t mbu_ackexpire; /* expiration time of ack. */
u_int16_t mbu_seqno; /* sequence number */
u_int8_t mbu_flags; /* BU flags */
- u_int32_t mbu_mobile_cookie;
+ mip6_cookie_t mbu_mobile_cookie;
u_int16_t mbu_home_nonce_index;
mip6_home_cookie_t mbu_home_cookie;
u_int16_t mbu_careof_nonce_index;
@@ -250,14 +252,7 @@ struct mip6_buffer {
};
#define MIP6_BUFFER_SIZE 1500 /* XXX 1500 ? */
-/* definition of length for different destination options. */
-#define IP6OPT_BULEN 8 /* Length of BU option */
-#define IP6OPT_BALEN 11 /* Length of BA option */
-#define IP6OPT_BRLEN 0 /* Length of BR option */
#define IP6OPT_HALEN 16 /* Length of HA option */
-#define IP6OPT_UIDLEN 2 /* Length of Unique Identifier sub-option */
-#define IP6OPT_COALEN 16 /* Length of Alternate COA sub-option */
-#define IP6OPT_AUTHDATALEN 4 /* Minimum length of Authentication Data sub-option */
struct mip6_mobility_options {
u_int16_t valid_options; /* shows valid options in this structure */
@@ -266,12 +261,14 @@ struct mip6_mobility_options {
u_int16_t mopt_ho_nonce_idx; /* Home Nonce Index */
u_int16_t mopt_co_nonce_idx; /* Care-of Nonce Index */
caddr_t mopt_auth; /* Authenticator */
+ u_int16_t mopt_refresh; /* Refresh Interval */
};
#define MOPT_UID 0x0001
#define MOPT_ALTCOA 0x0002
#define MOPT_NONCE_IDX 0x0004
#define MOPT_AUTHDATA 0x0008
+#define MOPT_REFRESH 0x0010
/*
* the list entry to hold the destination addresses which do not use a
@@ -324,8 +321,8 @@ int mip6_ip6ma_create __P((struct ip6_mobility **,
struct sockaddr_in6 *,
u_int8_t,
u_int16_t,
- u_int32_t,
- u_int32_t));
+ u_int16_t,
+ u_int16_t));
int mip6_ip6me_create __P((struct ip6_mobility **,
struct sockaddr_in6 *,
struct sockaddr_in6 *,
@@ -333,11 +330,11 @@ int mip6_ip6me_create __P((struct ip6_mobility **,
struct sockaddr_in6 *));
int mip6_process_hrbu __P((struct sockaddr_in6 *,
struct sockaddr_in6 *,
- u_int8_t, u_int16_t, u_int32_t,
+ u_int8_t, u_int16_t, u_int16_t,
struct sockaddr_in6 *));
int mip6_process_hurbu __P((struct sockaddr_in6 *,
struct sockaddr_in6 *,
- u_int8_t, u_int16_t, u_int32_t,
+ u_int8_t, u_int16_t, u_int16_t,
struct sockaddr_in6 *));
int mip6_bu_destopt_create __P((struct ip6_dest **,
struct sockaddr_in6 *,
@@ -542,11 +539,11 @@ void mip6_bc_init __P((void));
int mip6_bc_register __P((struct sockaddr_in6 *,
struct sockaddr_in6 *,
struct sockaddr_in6 *,
- u_int16_t, u_int16_t, u_int32_t));
+ u_int16_t, u_int16_t, u_int16_t));
int mip6_bc_update __P((struct mip6_bc *,
struct sockaddr_in6 *,
struct sockaddr_in6 *,
- u_int16_t, u_int16_t, u_int32_t));
+ u_int16_t, u_int16_t, u_int16_t));
int mip6_bc_delete __P((struct mip6_bc *));
int mip6_bc_list_remove __P((struct mip6_bc_list *,
struct mip6_bc *));
@@ -558,7 +555,7 @@ struct mip6_bc *mip6_bc_list_find_withpcoa
struct sockaddr_in6 *));
int mip6_bc_send_ba __P((struct sockaddr_in6 *, struct sockaddr_in6 *,
struct sockaddr_in6 *, u_int8_t, u_int16_t,
- u_int32_t, u_int32_t));
+ u_int16_t, u_int16_t));
int mip6_bc_send_bm __P((struct mbuf *,
struct in6_addr *));
int mip6_dad_success __P((struct ifaddr *));
@@ -575,7 +572,7 @@ int mip6_get_nonce __P((int, mip6_nonce_t *));
int mip6_get_nodekey __P((int, mip6_nodekey_t *));
int mip6_is_valid_bu (struct ip6_hdr *, struct ip6m_binding_update *,
int, struct mip6_mobility_options *,
- struct sockaddr_in6 *);
+ struct sockaddr_in6 *, struct sockaddr_in6 *);
int mip6_get_mobility_options __P((struct ip6m_binding_update *,
int, struct mip6_mobility_options *));
void mip6_create_cookie __P((struct in6_addr *,
Please sign in to comment.
Something went wrong with that request. Please try again.