Index: route6.c =================================================================== RCS file: /home/dcvs/src/sys/netinet6/route6.c,v retrieving revision 1.9 diff -u -u -r1.9 route6.c --- route6.c 7 May 2007 13:00:16 -0000 1.9 +++ route6.c 22 Aug 2008 06:57:02 -0000 @@ -49,11 +49,6 @@ #include -#if 0 -static int ip6_rthdr0 (struct mbuf *, struct ip6_hdr *, - struct ip6_rthdr0 *); -#endif - int route6_input(struct mbuf **mp, int *offp, int proto) /* proto is unused */ { @@ -76,50 +71,6 @@ #endif switch (rh->ip6r_type) { -#if 0 - /* - * See http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf - * for why IPV6_RTHDR_TYPE_0 is baned here. - * - * We return ICMPv6 parameter problem so that innocent people - * (not an attacker) would notice about the use of IPV6_RTHDR_TYPE_0. - * Since there's no amplification, and ICMPv6 error will be rate- - * controlled, it shouldn't cause any problem. - * If you are concerned about this, you may want to use the following - * code fragment: - * - * case IPV6_RTHDR_TYPE_0: - * m_freem(m); - * return (IPPROTO_DONE); - */ - case IPV6_RTHDR_TYPE_0: - rhlen = (rh->ip6r_len + 1) << 3; -#ifndef PULLDOWN_TEST - /* - * note on option length: - * due to IP6_EXTHDR_CHECK assumption, we cannot handle - * very big routing header (max rhlen == 2048). - */ - IP6_EXTHDR_CHECK(m, off, rhlen, IPPROTO_DONE); -#else - /* - * note on option length: - * maximum rhlen: 2048 - * max mbuf m_pulldown can handle: MCLBYTES == usually 2048 - * so, here we are assuming that m_pulldown can handle - * rhlen == 2048 case. this may not be a good thing to - * assume - we may want to avoid pulling it up altogether. - */ - IP6_EXTHDR_GET(rh, struct ip6_rthdr *, m, off, rhlen); - if (rh == NULL) { - ip6stat.ip6s_tooshort++; - return IPPROTO_DONE; - } -#endif - if (ip6_rthdr0(m, ip6, (struct ip6_rthdr0 *)rh)) - return (IPPROTO_DONE); - break; -#endif default: /* unknown routing type */ if (rh->ip6r_segleft == 0) { @@ -135,93 +86,3 @@ *offp += rhlen; return (rh->ip6r_nxt); } - -#if 0 -/* - * Type0 routing header processing - * - * RFC2292 backward compatibility warning: no support for strict/loose bitmap, - * as it was dropped between RFC1883 and RFC2460. - */ -static int -ip6_rthdr0(struct mbuf *m, struct ip6_hdr *ip6, struct ip6_rthdr0 *rh0) -{ - int addrs, index; - struct in6_addr *nextaddr, tmpaddr; - - if (rh0->ip6r0_segleft == 0) - return (0); - - if (rh0->ip6r0_len % 2 -#ifdef COMPAT_RFC1883 - || rh0->ip6r0_len > 46 -#endif - ) { - /* - * Type 0 routing header can't contain more than 23 addresses. - * RFC 2462: this limitation was removed since strict/loose - * bitmap field was deleted. - */ - ip6stat.ip6s_badoptions++; - icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER, - (caddr_t)&rh0->ip6r0_len - (caddr_t)ip6); - return (-1); - } - - if ((addrs = rh0->ip6r0_len / 2) < rh0->ip6r0_segleft) { - ip6stat.ip6s_badoptions++; - icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER, - (caddr_t)&rh0->ip6r0_segleft - (caddr_t)ip6); - return (-1); - } - - index = addrs - rh0->ip6r0_segleft; - rh0->ip6r0_segleft--; - /* note that ip6r0_addr does not exist in RFC2292bis */ - nextaddr = rh0->ip6r0_addr + index; - - /* - * reject invalid addresses. be proactive about malicious use of - * IPv4 mapped/compat address. - * XXX need more checks? - */ - if (IN6_IS_ADDR_MULTICAST(nextaddr) || - IN6_IS_ADDR_UNSPECIFIED(nextaddr) || - IN6_IS_ADDR_V4MAPPED(nextaddr) || - IN6_IS_ADDR_V4COMPAT(nextaddr)) { - ip6stat.ip6s_badoptions++; - m_freem(m); - return (-1); - } - if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || - IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst) || - IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst) || - IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) { - ip6stat.ip6s_badoptions++; - m_freem(m); - return (-1); - } - - /* - * Swap the IPv6 destination address and nextaddr. Forward the packet. - */ - tmpaddr = *nextaddr; - *nextaddr = ip6->ip6_dst; - if (IN6_IS_ADDR_LINKLOCAL(nextaddr)) - nextaddr->s6_addr16[1] = 0; - ip6->ip6_dst = tmpaddr; - if (IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_dst)) - ip6->ip6_dst.s6_addr16[1] = htons(m->m_pkthdr.rcvif->if_index); - -#ifdef COMPAT_RFC1883 - if (rh0->ip6r0_slmap[index / 8] & (1 << (7 - (index % 8)))) - ip6_forward(m, IPV6_SRCRT_NEIGHBOR); - else - ip6_forward(m, IPV6_SRCRT_NOTNEIGHBOR); -#else - ip6_forward(m, 1); -#endif - - return (-1); /* m would be freed in ip6_forward() */ -} -#endif