in6.c revision f729fe0a4a07f77cf2a60a88614a01b6bd649256
1/*	$FreeBSD$	*/
2/*	$KAME: in6.c,v 1.187 2001/05/24 07:43:59 itojun Exp $	*/
3
4/*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 *    may be used to endorse or promote products derived from this software
18 *    without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33/*
34 * Copyright (c) 1982, 1986, 1991, 1993
35 *	The Regents of the University of California.  All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 *    notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 *    notice, this list of conditions and the following disclaimer in the
44 *    documentation and/or other materials provided with the distribution.
45 * 3. All advertising materials mentioning features or use of this software
46 *    must display the following acknowledgement:
47 *	This product includes software developed by the University of
48 *	California, Berkeley and its contributors.
49 * 4. Neither the name of the University nor the names of its contributors
50 *    may be used to endorse or promote products derived from this software
51 *    without specific prior written permission.
52 *
53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
56 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
63 * SUCH DAMAGE.
64 *
65 *	@(#)in.c	8.2 (Berkeley) 11/15/93
66 */
67
68#include "opt_inet.h"
69#include "opt_inet6.h"
70
71#include <sys/param.h>
72#include <sys/errno.h>
73#include <sys/malloc.h>
74#include <sys/socket.h>
75#include <sys/socketvar.h>
76#include <sys/sockio.h>
77#include <sys/systm.h>
78#include <sys/proc.h>
79#include <sys/time.h>
80#include <sys/kernel.h>
81#include <sys/syslog.h>
82
83#include <net/if.h>
84#include <net/if_types.h>
85#include <net/route.h>
86#include <net/if_dl.h>
87
88#include <netinet/in.h>
89#include <netinet/in_var.h>
90#include <netinet/if_ether.h>
91#ifndef SCOPEDROUTING
92#include <netinet/in_systm.h>
93#include <netinet/ip.h>
94#include <netinet/in_pcb.h>
95#endif
96
97#include <netinet6/nd6.h>
98#include <netinet/ip6.h>
99#include <netinet6/ip6_var.h>
100#include <netinet6/mld6_var.h>
101#include <netinet6/ip6_mroute.h>
102#include <netinet6/in6_ifattach.h>
103#include <netinet6/scope6_var.h>
104#ifndef SCOPEDROUTING
105#include <netinet6/in6_pcb.h>
106#endif
107
108#include <net/net_osdep.h>
109
110MALLOC_DEFINE(M_IPMADDR, "in6_multi", "internet multicast address");
111
112/*
113 * Definitions of some costant IP6 addresses.
114 */
115const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
116const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
117const struct in6_addr in6addr_nodelocal_allnodes =
118	IN6ADDR_NODELOCAL_ALLNODES_INIT;
119const struct in6_addr in6addr_linklocal_allnodes =
120	IN6ADDR_LINKLOCAL_ALLNODES_INIT;
121const struct in6_addr in6addr_linklocal_allrouters =
122	IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
123
124const struct in6_addr in6mask0 = IN6MASK0;
125const struct in6_addr in6mask32 = IN6MASK32;
126const struct in6_addr in6mask64 = IN6MASK64;
127const struct in6_addr in6mask96 = IN6MASK96;
128const struct in6_addr in6mask128 = IN6MASK128;
129
130const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6,
131				     0, 0, IN6ADDR_ANY_INIT, 0};
132
133static int in6_lifaddr_ioctl __P((struct socket *, u_long, caddr_t,
134	struct ifnet *, struct proc *));
135static int in6_ifinit __P((struct ifnet *, struct in6_ifaddr *,
136			   struct sockaddr_in6 *, int));
137static void in6_unlink_ifa __P((struct in6_ifaddr *, struct ifnet *));
138
139struct in6_multihead in6_multihead;	/* XXX BSS initialization */
140
141/*
142 * Subroutine for in6_ifaddloop() and in6_ifremloop().
143 * This routine does actual work.
144 */
145static void
146in6_ifloop_request(int cmd, struct ifaddr *ifa)
147{
148	struct sockaddr_in6 all1_sa;
149	struct rtentry *nrt = NULL;
150	int e;
151
152	bzero(&all1_sa, sizeof(all1_sa));
153	all1_sa.sin6_family = AF_INET6;
154	all1_sa.sin6_len = sizeof(struct sockaddr_in6);
155	all1_sa.sin6_addr = in6mask128;
156
157	/*
158	 * We specify the address itself as the gateway, and set the
159	 * RTF_LLINFO flag, so that the corresponding host route would have
160	 * the flag, and thus applications that assume traditional behavior
161	 * would be happy.  Note that we assume the caller of the function
162	 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest,
163	 * which changes the outgoing interface to the loopback interface.
164	 */
165	e = rtrequest(cmd, ifa->ifa_addr, ifa->ifa_addr,
166		      (struct sockaddr *)&all1_sa,
167		      RTF_UP|RTF_HOST|RTF_LLINFO, &nrt);
168	if (e != 0) {
169		log(LOG_ERR, "in6_ifloop_request: "
170		    "%s operation failed for %s (errno=%d)\n",
171		    cmd == RTM_ADD ? "ADD" : "DELETE",
172		    ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr),
173		    e);
174	}
175
176	/*
177	 * Make sure rt_ifa be equal to IFA, the second argument of the
178	 * function.
179	 * We need this because when we refer to rt_ifa->ia6_flags in
180	 * ip6_input, we assume that the rt_ifa points to the address instead
181	 * of the loopback address.
182	 */
183	if (cmd == RTM_ADD && nrt && ifa != nrt->rt_ifa) {
184		IFAFREE(nrt->rt_ifa);
185		IFAREF(ifa);
186		nrt->rt_ifa = ifa;
187	}
188
189	/*
190	 * Report the addition/removal of the address to the routing socket.
191	 * XXX: since we called rtinit for a p2p interface with a destination,
192	 *      we end up reporting twice in such a case.  Should we rather
193	 *      omit the second report?
194	 */
195	if (nrt) {
196		rt_newaddrmsg(cmd, ifa, e, nrt);
197		if (cmd == RTM_DELETE) {
198			if (nrt->rt_refcnt <= 0) {
199				/* XXX: we should free the entry ourselves. */
200				nrt->rt_refcnt++;
201				rtfree(nrt);
202			}
203		} else {
204			/* the cmd must be RTM_ADD here */
205			nrt->rt_refcnt--;
206		}
207	}
208}
209
210/*
211 * Add ownaddr as loopback rtentry.  We previously add the route only if
212 * necessary (ex. on a p2p link).  However, since we now manage addresses
213 * separately from prefixes, we should always add the route.  We can't
214 * rely on the cloning mechanism from the corresponding interface route
215 * any more.
216 */
217static void
218in6_ifaddloop(struct ifaddr *ifa)
219{
220	struct rtentry *rt;
221
222	/* If there is no loopback entry, allocate one. */
223	rt = rtalloc1(ifa->ifa_addr, 0, 0);
224	if (rt == NULL || (rt->rt_flags & RTF_HOST) == 0 ||
225	    (rt->rt_ifp->if_flags & IFF_LOOPBACK) == 0)
226		in6_ifloop_request(RTM_ADD, ifa);
227	if (rt)
228		rt->rt_refcnt--;
229}
230
231/*
232 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(),
233 * if it exists.
234 */
235static void
236in6_ifremloop(struct ifaddr *ifa)
237{
238	struct in6_ifaddr *ia;
239	struct rtentry *rt;
240	int ia_count = 0;
241
242	/*
243	 * Some of BSD variants do not remove cloned routes
244	 * from an interface direct route, when removing the direct route
245	 * (see comments in net/net_osdep.h).  Even for variants that do remove
246	 * cloned routes, they could fail to remove the cloned routes when
247	 * we handle multple addresses that share a common prefix.
248	 * So, we should remove the route corresponding to the deleted address
249	 * regardless of the result of in6_is_ifloop_auto().
250	 */
251
252	/*
253	 * Delete the entry only if exact one ifa exists. More than one ifa
254	 * can exist if we assign a same single address to multiple
255	 * (probably p2p) interfaces.
256	 * XXX: we should avoid such a configuration in IPv6...
257	 */
258	for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
259		if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) {
260			ia_count++;
261			if (ia_count > 1)
262				break;
263		}
264	}
265
266	if (ia_count == 1) {
267		/*
268		 * Before deleting, check if a corresponding loopbacked host
269		 * route surely exists. With this check, we can avoid to
270		 * delete an interface direct route whose destination is same
271		 * as the address being removed. This can happen when remofing
272		 * a subnet-router anycast address on an interface attahced
273		 * to a shared medium.
274		 */
275		rt = rtalloc1(ifa->ifa_addr, 0, 0);
276		if (rt != NULL && (rt->rt_flags & RTF_HOST) != 0 &&
277		    (rt->rt_ifp->if_flags & IFF_LOOPBACK) != 0) {
278			rt->rt_refcnt--;
279			in6_ifloop_request(RTM_DELETE, ifa);
280		}
281	}
282}
283
284int
285in6_ifindex2scopeid(idx)
286	int idx;
287{
288	struct ifnet *ifp;
289	struct ifaddr *ifa;
290	struct sockaddr_in6 *sin6;
291
292	if (idx < 0 || if_index < idx)
293		return -1;
294	ifp = ifnet_byindex(idx);
295
296	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
297	{
298		if (ifa->ifa_addr->sa_family != AF_INET6)
299			continue;
300		sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
301		if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr))
302			return sin6->sin6_scope_id & 0xffff;
303	}
304
305	return -1;
306}
307
308int
309in6_mask2len(mask, lim0)
310	struct in6_addr *mask;
311	u_char *lim0;
312{
313	int x = 0, y;
314	u_char *lim = lim0, *p;
315
316	if (lim0 == NULL ||
317	    lim0 - (u_char *)mask > sizeof(*mask)) /* ignore the scope_id part */
318		lim = (u_char *)mask + sizeof(*mask);
319	for (p = (u_char *)mask; p < lim; x++, p++) {
320		if (*p != 0xff)
321			break;
322	}
323	y = 0;
324	if (p < lim) {
325		for (y = 0; y < 8; y++) {
326			if ((*p & (0x80 >> y)) == 0)
327				break;
328		}
329	}
330
331	/*
332	 * when the limit pointer is given, do a stricter check on the
333	 * remaining bits.
334	 */
335	if (p < lim) {
336		if (y != 0 && (*p & (0x00ff >> y)) != 0)
337			return(-1);
338		for (p = p + 1; p < lim; p++)
339			if (*p != 0)
340				return(-1);
341	}
342
343	return x * 8 + y;
344}
345
346void
347in6_len2mask(mask, len)
348	struct in6_addr *mask;
349	int len;
350{
351	int i;
352
353	bzero(mask, sizeof(*mask));
354	for (i = 0; i < len / 8; i++)
355		mask->s6_addr8[i] = 0xff;
356	if (len % 8)
357		mask->s6_addr8[i] = (0xff00 >> (len % 8)) & 0xff;
358}
359
360#define ifa2ia6(ifa)	((struct in6_ifaddr *)(ifa))
361#define ia62ifa(ia6)	(&((ia6)->ia_ifa))
362
363int
364in6_control(so, cmd, data, ifp, p)
365	struct	socket *so;
366	u_long cmd;
367	caddr_t	data;
368	struct ifnet *ifp;
369	struct proc *p;
370{
371	struct	in6_ifreq *ifr = (struct in6_ifreq *)data;
372	struct	in6_ifaddr *ia = NULL;
373	struct	in6_aliasreq *ifra = (struct in6_aliasreq *)data;
374	int privileged;
375
376	privileged = 0;
377	if (p == NULL || !suser(p))
378		privileged++;
379
380	switch (cmd) {
381	case SIOCGETSGCNT_IN6:
382	case SIOCGETMIFCNT_IN6:
383		return (mrt6_ioctl(cmd, data));
384	}
385
386	if (ifp == NULL)
387		return(EOPNOTSUPP);
388
389	switch (cmd) {
390	case SIOCSNDFLUSH_IN6:
391	case SIOCSPFXFLUSH_IN6:
392	case SIOCSRTRFLUSH_IN6:
393	case SIOCSDEFIFACE_IN6:
394	case SIOCSIFINFO_FLAGS:
395		if (!privileged)
396			return(EPERM);
397		/*fall through*/
398	case OSIOCGIFINFO_IN6:
399	case SIOCGIFINFO_IN6:
400	case SIOCGDRLST_IN6:
401	case SIOCGPRLST_IN6:
402	case SIOCGNBRINFO_IN6:
403	case SIOCGDEFIFACE_IN6:
404		return(nd6_ioctl(cmd, data, ifp));
405	}
406
407	switch (cmd) {
408	case SIOCSIFPREFIX_IN6:
409	case SIOCDIFPREFIX_IN6:
410	case SIOCAIFPREFIX_IN6:
411	case SIOCCIFPREFIX_IN6:
412	case SIOCSGIFPREFIX_IN6:
413	case SIOCGIFPREFIX_IN6:
414		log(LOG_NOTICE,
415		    "prefix ioctls are now invalidated. "
416		    "please use ifconfig.\n");
417		return(EOPNOTSUPP);
418	}
419
420	switch(cmd) {
421	case SIOCSSCOPE6:
422		if (!privileged)
423			return(EPERM);
424		return(scope6_set(ifp, ifr->ifr_ifru.ifru_scope_id));
425		break;
426	case SIOCGSCOPE6:
427		return(scope6_get(ifp, ifr->ifr_ifru.ifru_scope_id));
428		break;
429	case SIOCGSCOPE6DEF:
430		return(scope6_get_default(ifr->ifr_ifru.ifru_scope_id));
431		break;
432	}
433
434	switch (cmd) {
435	case SIOCALIFADDR:
436	case SIOCDLIFADDR:
437		if (!privileged)
438			return(EPERM);
439		/*fall through*/
440	case SIOCGLIFADDR:
441		return in6_lifaddr_ioctl(so, cmd, data, ifp, p);
442	}
443
444	/*
445	 * Find address for this interface, if it exists.
446	 */
447	if (ifra->ifra_addr.sin6_family == AF_INET6) { /* XXX */
448		struct sockaddr_in6 *sa6 =
449			(struct sockaddr_in6 *)&ifra->ifra_addr;
450
451		if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) {
452			if (sa6->sin6_addr.s6_addr16[1] == 0) {
453				/* link ID is not embedded by the user */
454				sa6->sin6_addr.s6_addr16[1] =
455					htons(ifp->if_index);
456			} else if (sa6->sin6_addr.s6_addr16[1] !=
457				    htons(ifp->if_index)) {
458				return(EINVAL);	/* link ID contradicts */
459			}
460			if (sa6->sin6_scope_id) {
461				if (sa6->sin6_scope_id !=
462				    (u_int32_t)ifp->if_index)
463					return(EINVAL);
464				sa6->sin6_scope_id = 0; /* XXX: good way? */
465			}
466		}
467		ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr);
468	}
469
470	switch (cmd) {
471	case SIOCSIFADDR_IN6:
472	case SIOCSIFDSTADDR_IN6:
473	case SIOCSIFNETMASK_IN6:
474		/*
475		 * Since IPv6 allows a node to assign multiple addresses
476		 * on a single interface, SIOCSIFxxx ioctls are not suitable
477		 * and should be unused.
478		 */
479		/* we decided to obsolete this command (20000704) */
480		return(EINVAL);
481
482	case SIOCDIFADDR_IN6:
483		/*
484		 * for IPv4, we look for existing in_ifaddr here to allow
485		 * "ifconfig if0 delete" to remove first IPv4 address on the
486		 * interface.  For IPv6, as the spec allow multiple interface
487		 * address from the day one, we consider "remove the first one"
488		 * semantics to be not preferable.
489		 */
490		if (ia == NULL)
491			return(EADDRNOTAVAIL);
492		/* FALLTHROUGH */
493	case SIOCAIFADDR_IN6:
494		/*
495		 * We always require users to specify a valid IPv6 address for
496		 * the corresponding operation.
497		 */
498		if (ifra->ifra_addr.sin6_family != AF_INET6 ||
499		    ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6))
500			return(EAFNOSUPPORT);
501		if (!privileged)
502			return(EPERM);
503
504		break;
505
506	case SIOCGIFADDR_IN6:
507		/* This interface is basically deprecated. use SIOCGIFCONF. */
508		/* fall through */
509	case SIOCGIFAFLAG_IN6:
510	case SIOCGIFNETMASK_IN6:
511	case SIOCGIFDSTADDR_IN6:
512	case SIOCGIFALIFETIME_IN6:
513		/* must think again about its semantics */
514		if (ia == NULL)
515			return(EADDRNOTAVAIL);
516		break;
517	case SIOCSIFALIFETIME_IN6:
518	    {
519		struct in6_addrlifetime *lt;
520
521		if (!privileged)
522			return(EPERM);
523		if (ia == NULL)
524			return(EADDRNOTAVAIL);
525		/* sanity for overflow - beware unsigned */
526		lt = &ifr->ifr_ifru.ifru_lifetime;
527		if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME
528		 && lt->ia6t_vltime + time_second < time_second) {
529			return EINVAL;
530		}
531		if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME
532		 && lt->ia6t_pltime + time_second < time_second) {
533			return EINVAL;
534		}
535		break;
536	    }
537	}
538
539	switch (cmd) {
540
541	case SIOCGIFADDR_IN6:
542		ifr->ifr_addr = ia->ia_addr;
543		break;
544
545	case SIOCGIFDSTADDR_IN6:
546		if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
547			return(EINVAL);
548		/*
549		 * XXX: should we check if ifa_dstaddr is NULL and return
550		 * an error?
551		 */
552		ifr->ifr_dstaddr = ia->ia_dstaddr;
553		break;
554
555	case SIOCGIFNETMASK_IN6:
556		ifr->ifr_addr = ia->ia_prefixmask;
557		break;
558
559	case SIOCGIFAFLAG_IN6:
560		ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
561		break;
562
563	case SIOCGIFSTAT_IN6:
564		if (ifp == NULL)
565			return EINVAL;
566		if (in6_ifstat == NULL || ifp->if_index >= in6_ifstatmax
567		 || in6_ifstat[ifp->if_index] == NULL) {
568			/* return EAFNOSUPPORT? */
569			bzero(&ifr->ifr_ifru.ifru_stat,
570				sizeof(ifr->ifr_ifru.ifru_stat));
571		} else
572			ifr->ifr_ifru.ifru_stat = *in6_ifstat[ifp->if_index];
573		break;
574
575	case SIOCGIFSTAT_ICMP6:
576		if (ifp == NULL)
577			return EINVAL;
578		if (icmp6_ifstat == NULL || ifp->if_index >= icmp6_ifstatmax ||
579		    icmp6_ifstat[ifp->if_index] == NULL) {
580			/* return EAFNOSUPPORT? */
581			bzero(&ifr->ifr_ifru.ifru_stat,
582				sizeof(ifr->ifr_ifru.ifru_icmp6stat));
583		} else
584			ifr->ifr_ifru.ifru_icmp6stat =
585				*icmp6_ifstat[ifp->if_index];
586		break;
587
588	case SIOCGIFALIFETIME_IN6:
589		ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
590		break;
591
592	case SIOCSIFALIFETIME_IN6:
593		ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime;
594		/* for sanity */
595		if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
596			ia->ia6_lifetime.ia6t_expire =
597				time_second + ia->ia6_lifetime.ia6t_vltime;
598		} else
599			ia->ia6_lifetime.ia6t_expire = 0;
600		if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
601			ia->ia6_lifetime.ia6t_preferred =
602				time_second + ia->ia6_lifetime.ia6t_pltime;
603		} else
604			ia->ia6_lifetime.ia6t_preferred = 0;
605		break;
606
607	case SIOCAIFADDR_IN6:
608	{
609		int i, error = 0;
610		struct nd_prefix pr0, *pr;
611
612		/*
613		 * first, make or update the interface address structure,
614		 * and link it to the list.
615		 */
616		if ((error = in6_update_ifa(ifp, ifra, ia)) != 0)
617			return(error);
618
619		/*
620		 * then, make the prefix on-link on the interface.
621		 * XXX: we'd rather create the prefix before the address, but
622		 * we need at least one address to install the corresponding
623		 * interface route, so we configure the address first.
624		 */
625
626		/*
627		 * convert mask to prefix length (prefixmask has already
628		 * been validated in in6_update_ifa().
629		 */
630		bzero(&pr0, sizeof(pr0));
631		pr0.ndpr_ifp = ifp;
632		pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
633					     NULL);
634		if (pr0.ndpr_plen == 128)
635			break;	/* we don't need to install a host route. */
636		pr0.ndpr_prefix = ifra->ifra_addr;
637		pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr;
638		/* apply the mask for safety. */
639		for (i = 0; i < 4; i++) {
640			pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
641				ifra->ifra_prefixmask.sin6_addr.s6_addr32[i];
642		}
643		/*
644		 * XXX: since we don't have enough APIs, we just set inifinity
645		 * to lifetimes.  They can be overridden by later advertised
646		 * RAs (when accept_rtadv is non 0), but we'd rather intend
647		 * such a behavior.
648		 */
649		pr0.ndpr_raf_onlink = 1; /* should be configurable? */
650		pr0.ndpr_raf_auto =
651			((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
652		pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
653		pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
654
655		/* add the prefix if there's one. */
656		if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
657			/*
658			 * nd6_prelist_add will install the corresponding
659			 * interface route.
660			 */
661			if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0)
662				return(error);
663			if (pr == NULL) {
664				log(LOG_ERR, "nd6_prelist_add succedded but "
665				    "no prefix\n");
666				return(EINVAL); /* XXX panic here? */
667			}
668		}
669		if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr))
670		    == NULL) {
671		    	/* XXX: this should not happen! */
672			log(LOG_ERR, "in6_control: addition succeeded, but"
673			    " no ifaddr\n");
674		} else {
675			if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 &&
676			    ia->ia6_ndpr == NULL) { /* new autoconfed addr */
677				ia->ia6_ndpr = pr;
678				pr->ndpr_refcnt++;
679
680				/*
681				 * If this is the first autoconf address from
682				 * the prefix, create a temporary address
683				 * as well (when specified).
684				 */
685				if (ip6_use_tempaddr &&
686				    pr->ndpr_refcnt == 1) {
687					int e;
688					if ((e = in6_tmpifadd(ia, 1)) != 0) {
689						log(LOG_NOTICE, "in6_control: "
690						    "failed to create a "
691						    "temporary address, "
692						    "errno=%d\n",
693						    e);
694					}
695				}
696			}
697
698			/*
699			 * this might affect the status of autoconfigured
700			 * addresses, that is, this address might make
701			 * other addresses detached.
702			 */
703			pfxlist_onlink_check();
704		}
705		break;
706	}
707
708	case SIOCDIFADDR_IN6:
709	{
710		int i = 0;
711		struct nd_prefix pr0, *pr;
712
713		/*
714		 * If the address being deleted is the only one that owns
715		 * the corresponding prefix, expire the prefix as well.
716		 * XXX: theoretically, we don't have to warry about such
717		 * relationship, since we separate the address management
718		 * and the prefix management.  We do this, however, to provide
719		 * as much backward compatibility as possible in terms of
720		 * the ioctl operation.
721		 */
722		bzero(&pr0, sizeof(pr0));
723		pr0.ndpr_ifp = ifp;
724		pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr,
725					     NULL);
726		if (pr0.ndpr_plen == 128)
727			goto purgeaddr;
728		pr0.ndpr_prefix = ia->ia_addr;
729		pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr;
730		for (i = 0; i < 4; i++) {
731			pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &=
732				ia->ia_prefixmask.sin6_addr.s6_addr32[i];
733		}
734		/*
735		 * The logic of the following condition is a bit complicated.
736		 * We expire the prefix when
737		 * 1. the address obeys autoconfiguration and it is the
738		 *    only owner of the associated prefix, or
739		 * 2. the address does not obey autoconf and there is no
740		 *    other owner of the prefix.
741		 */
742		if ((pr = nd6_prefix_lookup(&pr0)) != NULL &&
743		    (((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 &&
744		      pr->ndpr_refcnt == 1) ||
745		     ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0 &&
746		      pr->ndpr_refcnt == 0))) {
747			pr->ndpr_expire = 1; /* XXX: just for expiration */
748		}
749
750	  purgeaddr:
751		in6_purgeaddr(&ia->ia_ifa);
752		break;
753	}
754
755	default:
756		if (ifp == NULL || ifp->if_ioctl == 0)
757			return(EOPNOTSUPP);
758		return((*ifp->if_ioctl)(ifp, cmd, data));
759	}
760
761	return(0);
762}
763
764/*
765 * Update parameters of an IPv6 interface address.
766 * If necessary, a new entry is created and linked into address chains.
767 * This function is separated from in6_control().
768 * XXX: should this be performed under splnet()?
769 */
770int
771in6_update_ifa(ifp, ifra, ia)
772	struct ifnet *ifp;
773	struct in6_aliasreq *ifra;
774	struct in6_ifaddr *ia;
775{
776	int error = 0, hostIsNew = 0, plen = -1;
777	struct in6_ifaddr *oia;
778	struct sockaddr_in6 dst6;
779	struct in6_addrlifetime *lt;
780
781	/* Validate parameters */
782	if (ifp == NULL || ifra == NULL) /* this maybe redundant */
783		return(EINVAL);
784
785	/*
786	 * The destination address for a p2p link must have a family
787	 * of AF_UNSPEC or AF_INET6.
788	 */
789	if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
790	    ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
791	    ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
792		return(EAFNOSUPPORT);
793	/*
794	 * validate ifra_prefixmask.  don't check sin6_family, netmask
795	 * does not carry fields other than sin6_len.
796	 */
797	if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
798		return(EINVAL);
799	/*
800	 * Because the IPv6 address architecture is classless, we require
801	 * users to specify a (non 0) prefix length (mask) for a new address.
802	 * We also require the prefix (when specified) mask is valid, and thus
803	 * reject a non-consecutive mask.
804	 */
805	if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
806		return(EINVAL);
807	if (ifra->ifra_prefixmask.sin6_len != 0) {
808		plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
809				    (u_char *)&ifra->ifra_prefixmask +
810				    ifra->ifra_prefixmask.sin6_len);
811		if (plen <= 0)
812			return(EINVAL);
813	}
814	else {
815		/*
816		 * In this case, ia must not be NULL. We just use its prefix
817		 * length.
818		 */
819		plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
820	}
821	/*
822	 * If the destination address on a p2p interface is specified,
823	 * and the address is a scoped one, validate/set the scope
824	 * zone identifier.
825	 */
826	dst6 = ifra->ifra_dstaddr;
827	if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) &&
828	    (dst6.sin6_family == AF_INET6)) {
829		int scopeid;
830
831#ifndef SCOPEDROUTING
832		if ((error = in6_recoverscope(&dst6,
833					      &ifra->ifra_dstaddr.sin6_addr,
834					      ifp)) != 0)
835			return(error);
836#endif
837		scopeid = in6_addr2scopeid(ifp, &dst6.sin6_addr);
838		if (dst6.sin6_scope_id == 0) /* user omit to specify the ID. */
839			dst6.sin6_scope_id = scopeid;
840		else if (dst6.sin6_scope_id != scopeid)
841			return(EINVAL); /* scope ID mismatch. */
842#ifndef SCOPEDROUTING
843		if ((error = in6_embedscope(&dst6.sin6_addr, &dst6, NULL, NULL))
844		    != 0)
845			return(error);
846		dst6.sin6_scope_id = 0; /* XXX */
847#endif
848	}
849	/*
850	 * The destination address can be specified only for a p2p or a
851	 * loopback interface.  If specified, the corresponding prefix length
852	 * must be 128.
853	 */
854	if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
855		if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
856			/* XXX: noisy message */
857			log(LOG_INFO, "in6_update_ifa: a destination can be "
858			    "specified for a p2p or a loopback IF only\n");
859			return(EINVAL);
860		}
861		if (plen != 128) {
862			/*
863			 * The following message seems noisy, but we dare to
864			 * add it for diagnosis.
865			 */
866			log(LOG_INFO, "in6_update_ifa: prefixlen must be 128 "
867			    "when dstaddr is specified\n");
868			return(EINVAL);
869		}
870	}
871	/* lifetime consistency check */
872	lt = &ifra->ifra_lifetime;
873	if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME
874	    && lt->ia6t_vltime + time_second < time_second) {
875		return EINVAL;
876	}
877	if (lt->ia6t_vltime == 0) {
878		/*
879		 * the following log might be noisy, but this is a typical
880		 * configuration mistake or a tool's bug.
881		 */
882		log(LOG_INFO,
883		    "in6_update_ifa: valid lifetime is 0 for %s\n",
884		    ip6_sprintf(&ifra->ifra_addr.sin6_addr));
885	}
886	if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME
887	    && lt->ia6t_pltime + time_second < time_second) {
888		return EINVAL;
889	}
890
891	/*
892	 * If this is a new address, allocate a new ifaddr and link it
893	 * into chains.
894	 */
895	if (ia == NULL) {
896		hostIsNew = 1;
897		/*
898		 * When in6_update_ifa() is called in a process of a received
899		 * RA, it is called under splnet().  So, we should call malloc
900		 * with M_NOWAIT.
901		 */
902		ia = (struct in6_ifaddr *)
903			malloc(sizeof(*ia), M_IFADDR, M_NOWAIT);
904		if (ia == NULL)
905			return (ENOBUFS);
906		bzero((caddr_t)ia, sizeof(*ia));
907		/* Initialize the address and masks */
908		ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
909		ia->ia_addr.sin6_family = AF_INET6;
910		ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
911		if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
912			/*
913			 * XXX: some functions expect that ifa_dstaddr is not
914			 * NULL for p2p interfaces.
915			 */
916			ia->ia_ifa.ifa_dstaddr
917				= (struct sockaddr *)&ia->ia_dstaddr;
918		} else {
919			ia->ia_ifa.ifa_dstaddr = NULL;
920		}
921		ia->ia_ifa.ifa_netmask
922			= (struct sockaddr *)&ia->ia_prefixmask;
923
924		ia->ia_ifp = ifp;
925		if ((oia = in6_ifaddr) != NULL) {
926			for ( ; oia->ia_next; oia = oia->ia_next)
927				continue;
928			oia->ia_next = ia;
929		} else
930			in6_ifaddr = ia;
931
932		TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa,
933				  ifa_list);
934	}
935
936	/* set prefix mask */
937	if (ifra->ifra_prefixmask.sin6_len) {
938		/*
939		 * We prohibit changing the prefix length of an existing
940		 * address, because
941		 * + such an operation should be rare in IPv6, and
942		 * + the operation would confuse prefix management.
943		 */
944		if (ia->ia_prefixmask.sin6_len &&
945		    in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
946			log(LOG_INFO, "in6_update_ifa: the prefix length of an"
947			    " existing (%s) address should not be changed\n",
948			    ip6_sprintf(&ia->ia_addr.sin6_addr));
949			error = EINVAL;
950			goto unlink;
951		}
952		ia->ia_prefixmask = ifra->ifra_prefixmask;
953	}
954
955	/*
956	 * If a new destination address is specified, scrub the old one and
957	 * install the new destination.  Note that the interface must be
958	 * p2p or loopback (see the check above.)
959	 */
960	if (dst6.sin6_family == AF_INET6 &&
961	    !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr,
962				&ia->ia_dstaddr.sin6_addr)) {
963		int e;
964
965		if ((ia->ia_flags & IFA_ROUTE) != 0 &&
966		    (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST))
967		    != 0) {
968			log(LOG_ERR, "in6_update_ifa: failed to remove "
969			    "a route to the old destination: %s\n",
970			    ip6_sprintf(&ia->ia_addr.sin6_addr));
971			/* proceed anyway... */
972		}
973		else
974			ia->ia_flags &= ~IFA_ROUTE;
975		ia->ia_dstaddr = dst6;
976	}
977
978	/* reset the interface and routing table appropriately. */
979	if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0)
980		goto unlink;
981
982	/*
983	 * Beyond this point, we should call in6_purgeaddr upon an error,
984	 * not just go to unlink.
985	 */
986
987#if 0				/* disable this mechanism for now */
988	/* update prefix list */
989	if (hostIsNew &&
990	    (ifra->ifra_flags & IN6_IFF_NOPFX) == 0) { /* XXX */
991		int iilen;
992
993		iilen = (sizeof(ia->ia_prefixmask.sin6_addr) << 3) - plen;
994		if ((error = in6_prefix_add_ifid(iilen, ia)) != 0) {
995			in6_purgeaddr((struct ifaddr *)ia);
996			return(error);
997		}
998	}
999#endif
1000
1001	if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1002		struct sockaddr_in6 mltaddr, mltmask;
1003		struct in6_multi *in6m;
1004
1005		if (hostIsNew) {
1006			/*
1007			 * join solicited multicast addr for new host id
1008			 */
1009			struct in6_addr llsol;
1010			bzero(&llsol, sizeof(struct in6_addr));
1011			llsol.s6_addr16[0] = htons(0xff02);
1012			llsol.s6_addr16[1] = htons(ifp->if_index);
1013			llsol.s6_addr32[1] = 0;
1014			llsol.s6_addr32[2] = htonl(1);
1015			llsol.s6_addr32[3] =
1016				ifra->ifra_addr.sin6_addr.s6_addr32[3];
1017			llsol.s6_addr8[12] = 0xff;
1018			(void)in6_addmulti(&llsol, ifp, &error);
1019			if (error != 0) {
1020				log(LOG_WARNING,
1021				    "in6_update_ifa: addmulti failed for "
1022				    "%s on %s (errno=%d)\n",
1023				    ip6_sprintf(&llsol), if_name(ifp),
1024				    error);
1025				in6_purgeaddr((struct ifaddr *)ia);
1026				return(error);
1027			}
1028		}
1029
1030		bzero(&mltmask, sizeof(mltmask));
1031		mltmask.sin6_len = sizeof(struct sockaddr_in6);
1032		mltmask.sin6_family = AF_INET6;
1033		mltmask.sin6_addr = in6mask32;
1034
1035		/*
1036		 * join link-local all-nodes address
1037		 */
1038		bzero(&mltaddr, sizeof(mltaddr));
1039		mltaddr.sin6_len = sizeof(struct sockaddr_in6);
1040		mltaddr.sin6_family = AF_INET6;
1041		mltaddr.sin6_addr = in6addr_linklocal_allnodes;
1042		mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index);
1043
1044		IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m);
1045		if (in6m == NULL) {
1046			rtrequest(RTM_ADD,
1047				  (struct sockaddr *)&mltaddr,
1048				  (struct sockaddr *)&ia->ia_addr,
1049				  (struct sockaddr *)&mltmask,
1050				  RTF_UP|RTF_CLONING,  /* xxx */
1051				  (struct rtentry **)0);
1052			(void)in6_addmulti(&mltaddr.sin6_addr, ifp, &error);
1053			if (error != 0) {
1054				log(LOG_WARNING,
1055				    "in6_update_ifa: addmulti failed for "
1056				    "%s on %s (errno=%d)\n",
1057				    ip6_sprintf(&mltaddr.sin6_addr),
1058				    if_name(ifp), error);
1059			}
1060		}
1061
1062		/*
1063		 * join node information group address
1064		 */
1065#define hostnamelen	strlen(hostname)
1066		if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr)
1067		    == 0) {
1068			IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m);
1069			if (in6m == NULL && ia != NULL) {
1070				(void)in6_addmulti(&mltaddr.sin6_addr,
1071				    ifp, &error);
1072				if (error != 0) {
1073					log(LOG_WARNING, "in6_update_ifa: "
1074					    "addmulti failed for "
1075					    "%s on %s (errno=%d)\n",
1076					    ip6_sprintf(&mltaddr.sin6_addr),
1077					    if_name(ifp), error);
1078				}
1079			}
1080		}
1081#undef hostnamelen
1082
1083		/*
1084		 * join node-local all-nodes address, on loopback.
1085		 * XXX: since "node-local" is obsoleted by interface-local,
1086		 *      we have to join the group on every interface with
1087		 *      some interface-boundary restriction.
1088		 */
1089		if (ifp->if_flags & IFF_LOOPBACK) {
1090			struct in6_ifaddr *ia_loop;
1091
1092			struct in6_addr loop6 = in6addr_loopback;
1093			ia_loop = in6ifa_ifpwithaddr(ifp, &loop6);
1094
1095			mltaddr.sin6_addr = in6addr_nodelocal_allnodes;
1096
1097			IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m);
1098			if (in6m == NULL && ia_loop != NULL) {
1099				rtrequest(RTM_ADD,
1100					  (struct sockaddr *)&mltaddr,
1101					  (struct sockaddr *)&ia_loop->ia_addr,
1102					  (struct sockaddr *)&mltmask,
1103					  RTF_UP,
1104					  (struct rtentry **)0);
1105				(void)in6_addmulti(&mltaddr.sin6_addr, ifp,
1106						   &error);
1107				if (error != 0) {
1108					log(LOG_WARNING, "in6_update_ifa: "
1109					    "addmulti failed for %s on %s "
1110					    "(errno=%d)\n",
1111					    ip6_sprintf(&mltaddr.sin6_addr),
1112					    if_name(ifp), error);
1113				}
1114			}
1115		}
1116	}
1117
1118	ia->ia6_flags = ifra->ifra_flags;
1119	ia->ia6_flags &= ~IN6_IFF_DUPLICATED;	/*safety*/
1120	ia->ia6_flags &= ~IN6_IFF_NODAD;	/* Mobile IPv6 */
1121
1122	ia->ia6_lifetime = ifra->ifra_lifetime;
1123	/* for sanity */
1124	if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
1125		ia->ia6_lifetime.ia6t_expire =
1126			time_second + ia->ia6_lifetime.ia6t_vltime;
1127	} else
1128		ia->ia6_lifetime.ia6t_expire = 0;
1129	if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
1130		ia->ia6_lifetime.ia6t_preferred =
1131			time_second + ia->ia6_lifetime.ia6t_pltime;
1132	} else
1133		ia->ia6_lifetime.ia6t_preferred = 0;
1134
1135	/*
1136	 * make sure to initialize ND6 information.  this is to workaround
1137	 * issues with interfaces with IPv6 addresses, which have never brought
1138	 * up.  We are assuming that it is safe to nd6_ifattach multiple times.
1139	 */
1140	nd6_ifattach(ifp);
1141
1142	/*
1143	 * Perform DAD, if needed.
1144	 * XXX It may be of use, if we can administratively
1145	 * disable DAD.
1146	 */
1147	if (in6if_do_dad(ifp) && (ifra->ifra_flags & IN6_IFF_NODAD) == 0) {
1148		ia->ia6_flags |= IN6_IFF_TENTATIVE;
1149		nd6_dad_start((struct ifaddr *)ia, NULL);
1150	}
1151
1152	return(error);
1153
1154  unlink:
1155	/*
1156	 * XXX: if a change of an existing address failed, keep the entry
1157	 * anyway.
1158	 */
1159	if (hostIsNew)
1160		in6_unlink_ifa(ia, ifp);
1161	return(error);
1162}
1163
1164void
1165in6_purgeaddr(ifa)
1166	struct ifaddr *ifa;
1167{
1168	struct ifnet *ifp = ifa->ifa_ifp;
1169	struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1170
1171	/* stop DAD processing */
1172	nd6_dad_stop(ifa);
1173
1174	/*
1175	 * delete route to the destination of the address being purged.
1176	 * The interface must be p2p or loopback in this case.
1177	 */
1178	if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) {
1179		int e;
1180
1181		if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST))
1182		    != 0) {
1183			log(LOG_ERR, "in6_purgeaddr: failed to remove "
1184			    "a route to the p2p destination: %s on %s, "
1185			    "errno=%d\n",
1186			    ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp),
1187			    e);
1188			/* proceed anyway... */
1189		}
1190		else
1191			ia->ia_flags &= ~IFA_ROUTE;
1192	}
1193
1194	/* Remove ownaddr's loopback rtentry, if it exists. */
1195	in6_ifremloop(&(ia->ia_ifa));
1196
1197	if (ifp->if_flags & IFF_MULTICAST) {
1198		/*
1199		 * delete solicited multicast addr for deleting host id
1200		 */
1201		struct in6_multi *in6m;
1202		struct in6_addr llsol;
1203		bzero(&llsol, sizeof(struct in6_addr));
1204		llsol.s6_addr16[0] = htons(0xff02);
1205		llsol.s6_addr16[1] = htons(ifp->if_index);
1206		llsol.s6_addr32[1] = 0;
1207		llsol.s6_addr32[2] = htonl(1);
1208		llsol.s6_addr32[3] =
1209			ia->ia_addr.sin6_addr.s6_addr32[3];
1210		llsol.s6_addr8[12] = 0xff;
1211
1212		IN6_LOOKUP_MULTI(llsol, ifp, in6m);
1213		if (in6m)
1214			in6_delmulti(in6m);
1215	}
1216
1217	in6_unlink_ifa(ia, ifp);
1218}
1219
1220static void
1221in6_unlink_ifa(ia, ifp)
1222	struct in6_ifaddr *ia;
1223	struct ifnet *ifp;
1224{
1225	int plen, iilen;
1226	struct in6_ifaddr *oia;
1227	int	s = splnet();
1228
1229	TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list);
1230
1231	oia = ia;
1232	if (oia == (ia = in6_ifaddr))
1233		in6_ifaddr = ia->ia_next;
1234	else {
1235		while (ia->ia_next && (ia->ia_next != oia))
1236			ia = ia->ia_next;
1237		if (ia->ia_next)
1238			ia->ia_next = oia->ia_next;
1239		else {
1240			/* search failed */
1241			printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n");
1242		}
1243	}
1244
1245	if (oia->ia6_ifpr) {	/* check for safety */
1246		plen = in6_mask2len(&oia->ia_prefixmask.sin6_addr, NULL);
1247		iilen = (sizeof(oia->ia_prefixmask.sin6_addr) << 3) - plen;
1248		in6_prefix_remove_ifid(iilen, oia);
1249	}
1250
1251	/*
1252	 * When an autoconfigured address is being removed, release the
1253	 * reference to the base prefix.  Also, since the release might
1254	 * affect the status of other (detached) addresses, call
1255	 * pfxlist_onlink_check().
1256	 */
1257	if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) {
1258		if (oia->ia6_ndpr == NULL) {
1259			log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address "
1260			    "%p has no prefix\n", oia);
1261		} else {
1262			oia->ia6_ndpr->ndpr_refcnt--;
1263			oia->ia6_flags &= ~IN6_IFF_AUTOCONF;
1264			oia->ia6_ndpr = NULL;
1265		}
1266
1267		pfxlist_onlink_check();
1268	}
1269
1270	/*
1271	 * release another refcnt for the link from in6_ifaddr.
1272	 * Note that we should decrement the refcnt at least once for all *BSD.
1273	 */
1274	IFAFREE(&oia->ia_ifa);
1275
1276	splx(s);
1277}
1278
1279void
1280in6_purgeif(ifp)
1281	struct ifnet *ifp;
1282{
1283	struct ifaddr *ifa, *nifa;
1284
1285	for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa)
1286	{
1287		nifa = TAILQ_NEXT(ifa, ifa_list);
1288		if (ifa->ifa_addr->sa_family != AF_INET6)
1289			continue;
1290		in6_purgeaddr(ifa);
1291	}
1292
1293	in6_ifdetach(ifp);
1294}
1295
1296/*
1297 * SIOC[GAD]LIFADDR.
1298 *	SIOCGLIFADDR: get first address. (?)
1299 *	SIOCGLIFADDR with IFLR_PREFIX:
1300 *		get first address that matches the specified prefix.
1301 *	SIOCALIFADDR: add the specified address.
1302 *	SIOCALIFADDR with IFLR_PREFIX:
1303 *		add the specified prefix, filling hostid part from
1304 *		the first link-local address.  prefixlen must be <= 64.
1305 *	SIOCDLIFADDR: delete the specified address.
1306 *	SIOCDLIFADDR with IFLR_PREFIX:
1307 *		delete the first address that matches the specified prefix.
1308 * return values:
1309 *	EINVAL on invalid parameters
1310 *	EADDRNOTAVAIL on prefix match failed/specified address not found
1311 *	other values may be returned from in6_ioctl()
1312 *
1313 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64.
1314 * this is to accomodate address naming scheme other than RFC2374,
1315 * in the future.
1316 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
1317 * address encoding scheme. (see figure on page 8)
1318 */
1319static int
1320in6_lifaddr_ioctl(so, cmd, data, ifp, p)
1321	struct socket *so;
1322	u_long cmd;
1323	caddr_t	data;
1324	struct ifnet *ifp;
1325	struct proc *p;
1326{
1327	struct if_laddrreq *iflr = (struct if_laddrreq *)data;
1328	struct ifaddr *ifa;
1329	struct sockaddr *sa;
1330
1331	/* sanity checks */
1332	if (!data || !ifp) {
1333		panic("invalid argument to in6_lifaddr_ioctl");
1334		/*NOTRECHED*/
1335	}
1336
1337	switch (cmd) {
1338	case SIOCGLIFADDR:
1339		/* address must be specified on GET with IFLR_PREFIX */
1340		if ((iflr->flags & IFLR_PREFIX) == 0)
1341			break;
1342		/*FALLTHROUGH*/
1343	case SIOCALIFADDR:
1344	case SIOCDLIFADDR:
1345		/* address must be specified on ADD and DELETE */
1346		sa = (struct sockaddr *)&iflr->addr;
1347		if (sa->sa_family != AF_INET6)
1348			return EINVAL;
1349		if (sa->sa_len != sizeof(struct sockaddr_in6))
1350			return EINVAL;
1351		/* XXX need improvement */
1352		sa = (struct sockaddr *)&iflr->dstaddr;
1353		if (sa->sa_family && sa->sa_family != AF_INET6)
1354			return EINVAL;
1355		if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6))
1356			return EINVAL;
1357		break;
1358	default: /*shouldn't happen*/
1359#if 0
1360		panic("invalid cmd to in6_lifaddr_ioctl");
1361		/*NOTREACHED*/
1362#else
1363		return EOPNOTSUPP;
1364#endif
1365	}
1366	if (sizeof(struct in6_addr) * 8 < iflr->prefixlen)
1367		return EINVAL;
1368
1369	switch (cmd) {
1370	case SIOCALIFADDR:
1371	    {
1372		struct in6_aliasreq ifra;
1373		struct in6_addr *hostid = NULL;
1374		int prefixlen;
1375
1376		if ((iflr->flags & IFLR_PREFIX) != 0) {
1377			struct sockaddr_in6 *sin6;
1378
1379			/*
1380			 * hostid is to fill in the hostid part of the
1381			 * address.  hostid points to the first link-local
1382			 * address attached to the interface.
1383			 */
1384			ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0);
1385			if (!ifa)
1386				return EADDRNOTAVAIL;
1387			hostid = IFA_IN6(ifa);
1388
1389		 	/* prefixlen must be <= 64. */
1390			if (64 < iflr->prefixlen)
1391				return EINVAL;
1392			prefixlen = iflr->prefixlen;
1393
1394			/* hostid part must be zero. */
1395			sin6 = (struct sockaddr_in6 *)&iflr->addr;
1396			if (sin6->sin6_addr.s6_addr32[2] != 0
1397			 || sin6->sin6_addr.s6_addr32[3] != 0) {
1398				return EINVAL;
1399			}
1400		} else
1401			prefixlen = iflr->prefixlen;
1402
1403		/* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */
1404		bzero(&ifra, sizeof(ifra));
1405		bcopy(iflr->iflr_name, ifra.ifra_name,
1406			sizeof(ifra.ifra_name));
1407
1408		bcopy(&iflr->addr, &ifra.ifra_addr,
1409			((struct sockaddr *)&iflr->addr)->sa_len);
1410		if (hostid) {
1411			/* fill in hostid part */
1412			ifra.ifra_addr.sin6_addr.s6_addr32[2] =
1413				hostid->s6_addr32[2];
1414			ifra.ifra_addr.sin6_addr.s6_addr32[3] =
1415				hostid->s6_addr32[3];
1416		}
1417
1418		if (((struct sockaddr *)&iflr->dstaddr)->sa_family) {	/*XXX*/
1419			bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr,
1420				((struct sockaddr *)&iflr->dstaddr)->sa_len);
1421			if (hostid) {
1422				ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] =
1423					hostid->s6_addr32[2];
1424				ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] =
1425					hostid->s6_addr32[3];
1426			}
1427		}
1428
1429		ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
1430		in6_len2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen);
1431
1432		ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX;
1433		return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, p);
1434	    }
1435	case SIOCGLIFADDR:
1436	case SIOCDLIFADDR:
1437	    {
1438		struct in6_ifaddr *ia;
1439		struct in6_addr mask, candidate, match;
1440		struct sockaddr_in6 *sin6;
1441		int cmp;
1442
1443		bzero(&mask, sizeof(mask));
1444		if (iflr->flags & IFLR_PREFIX) {
1445			/* lookup a prefix rather than address. */
1446			in6_len2mask(&mask, iflr->prefixlen);
1447
1448			sin6 = (struct sockaddr_in6 *)&iflr->addr;
1449			bcopy(&sin6->sin6_addr, &match, sizeof(match));
1450			match.s6_addr32[0] &= mask.s6_addr32[0];
1451			match.s6_addr32[1] &= mask.s6_addr32[1];
1452			match.s6_addr32[2] &= mask.s6_addr32[2];
1453			match.s6_addr32[3] &= mask.s6_addr32[3];
1454
1455			/* if you set extra bits, that's wrong */
1456			if (bcmp(&match, &sin6->sin6_addr, sizeof(match)))
1457				return EINVAL;
1458
1459			cmp = 1;
1460		} else {
1461			if (cmd == SIOCGLIFADDR) {
1462				/* on getting an address, take the 1st match */
1463				cmp = 0;	/*XXX*/
1464			} else {
1465				/* on deleting an address, do exact match */
1466				in6_len2mask(&mask, 128);
1467				sin6 = (struct sockaddr_in6 *)&iflr->addr;
1468				bcopy(&sin6->sin6_addr, &match, sizeof(match));
1469
1470				cmp = 1;
1471			}
1472		}
1473
1474		TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1475		{
1476			if (ifa->ifa_addr->sa_family != AF_INET6)
1477				continue;
1478			if (!cmp)
1479				break;
1480
1481			bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate));
1482#ifndef SCOPEDROUTING
1483			/*
1484			 * XXX: this is adhoc, but is necessary to allow
1485			 * a user to specify fe80::/64 (not /10) for a
1486			 * link-local address.
1487			 */
1488			if (IN6_IS_ADDR_LINKLOCAL(&candidate))
1489				candidate.s6_addr16[1] = 0;
1490#endif
1491			candidate.s6_addr32[0] &= mask.s6_addr32[0];
1492			candidate.s6_addr32[1] &= mask.s6_addr32[1];
1493			candidate.s6_addr32[2] &= mask.s6_addr32[2];
1494			candidate.s6_addr32[3] &= mask.s6_addr32[3];
1495			if (IN6_ARE_ADDR_EQUAL(&candidate, &match))
1496				break;
1497		}
1498		if (!ifa)
1499			return EADDRNOTAVAIL;
1500		ia = ifa2ia6(ifa);
1501
1502		if (cmd == SIOCGLIFADDR) {
1503#ifndef SCOPEDROUTING
1504			struct sockaddr_in6 *s6;
1505#endif
1506
1507			/* fill in the if_laddrreq structure */
1508			bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len);
1509#ifndef SCOPEDROUTING		/* XXX see above */
1510			s6 = (struct sockaddr_in6 *)&iflr->addr;
1511			if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) {
1512				s6->sin6_addr.s6_addr16[1] = 0;
1513				s6->sin6_scope_id =
1514					in6_addr2scopeid(ifp, &s6->sin6_addr);
1515			}
1516#endif
1517			if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1518				bcopy(&ia->ia_dstaddr, &iflr->dstaddr,
1519					ia->ia_dstaddr.sin6_len);
1520#ifndef SCOPEDROUTING		/* XXX see above */
1521				s6 = (struct sockaddr_in6 *)&iflr->dstaddr;
1522				if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) {
1523					s6->sin6_addr.s6_addr16[1] = 0;
1524					s6->sin6_scope_id =
1525						in6_addr2scopeid(ifp,
1526								 &s6->sin6_addr);
1527				}
1528#endif
1529			} else
1530				bzero(&iflr->dstaddr, sizeof(iflr->dstaddr));
1531
1532			iflr->prefixlen =
1533				in6_mask2len(&ia->ia_prefixmask.sin6_addr,
1534					     NULL);
1535
1536			iflr->flags = ia->ia6_flags;	/*XXX*/
1537
1538			return 0;
1539		} else {
1540			struct in6_aliasreq ifra;
1541
1542			/* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */
1543			bzero(&ifra, sizeof(ifra));
1544			bcopy(iflr->iflr_name, ifra.ifra_name,
1545				sizeof(ifra.ifra_name));
1546
1547			bcopy(&ia->ia_addr, &ifra.ifra_addr,
1548				ia->ia_addr.sin6_len);
1549			if ((ifp->if_flags & IFF_POINTOPOINT) != 0) {
1550				bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr,
1551					ia->ia_dstaddr.sin6_len);
1552			} else {
1553				bzero(&ifra.ifra_dstaddr,
1554				    sizeof(ifra.ifra_dstaddr));
1555			}
1556			bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr,
1557				ia->ia_prefixmask.sin6_len);
1558
1559			ifra.ifra_flags = ia->ia6_flags;
1560			return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra,
1561				ifp, p);
1562		}
1563	    }
1564	}
1565
1566	return EOPNOTSUPP;	/*just for safety*/
1567}
1568
1569/*
1570 * Initialize an interface's intetnet6 address
1571 * and routing table entry.
1572 */
1573static int
1574in6_ifinit(ifp, ia, sin6, newhost)
1575	struct ifnet *ifp;
1576	struct in6_ifaddr *ia;
1577	struct sockaddr_in6 *sin6;
1578	int newhost;
1579{
1580	int	error = 0, plen, ifacount = 0;
1581	int	s = splimp();
1582	struct ifaddr *ifa;
1583
1584	/*
1585	 * Give the interface a chance to initialize
1586	 * if this is its first address,
1587	 * and to validate the address if necessary.
1588	 */
1589	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1590	{
1591		if (ifa->ifa_addr == NULL)
1592			continue;	/* just for safety */
1593		if (ifa->ifa_addr->sa_family != AF_INET6)
1594			continue;
1595		ifacount++;
1596	}
1597
1598	ia->ia_addr = *sin6;
1599
1600	if (ifacount <= 1 && ifp->if_ioctl &&
1601	    (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) {
1602		splx(s);
1603		return(error);
1604	}
1605	splx(s);
1606
1607	ia->ia_ifa.ifa_metric = ifp->if_metric;
1608
1609	/* we could do in(6)_socktrim here, but just omit it at this moment. */
1610
1611	/*
1612	 * Special case:
1613	 * If the destination address is specified for a point-to-point
1614	 * interface, install a route to the destination as an interface
1615	 * direct route.
1616	 */
1617	plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1618	if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) {
1619		if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD,
1620				    RTF_UP | RTF_HOST)) != 0)
1621			return(error);
1622		ia->ia_flags |= IFA_ROUTE;
1623	}
1624	if (plen < 128) {
1625		/*
1626		 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto().
1627		 */
1628		ia->ia_ifa.ifa_flags |= RTF_CLONING;
1629	}
1630
1631	/* Add ownaddr as loopback rtentry, if necessary(ex. on p2p link). */
1632	if (newhost) {
1633		/* set the rtrequest function to create llinfo */
1634		ia->ia_ifa.ifa_rtrequest = nd6_rtrequest;
1635		in6_ifaddloop(&(ia->ia_ifa));
1636	}
1637
1638	return(error);
1639}
1640
1641/*
1642 * Add an address to the list of IP6 multicast addresses for a
1643 * given interface.
1644 */
1645struct	in6_multi *
1646in6_addmulti(maddr6, ifp, errorp)
1647	struct in6_addr *maddr6;
1648	struct ifnet *ifp;
1649	int *errorp;
1650{
1651	struct	in6_multi *in6m;
1652	struct sockaddr_in6 sin6;
1653	struct ifmultiaddr *ifma;
1654	int	s = splnet();
1655
1656	*errorp = 0;
1657
1658	/*
1659	 * Call generic routine to add membership or increment
1660	 * refcount.  It wants addresses in the form of a sockaddr,
1661	 * so we build one here (being careful to zero the unused bytes).
1662	 */
1663	bzero(&sin6, sizeof sin6);
1664	sin6.sin6_family = AF_INET6;
1665	sin6.sin6_len = sizeof sin6;
1666	sin6.sin6_addr = *maddr6;
1667	*errorp = if_addmulti(ifp, (struct sockaddr *)&sin6, &ifma);
1668	if (*errorp) {
1669		splx(s);
1670		return 0;
1671	}
1672
1673	/*
1674	 * If ifma->ifma_protospec is null, then if_addmulti() created
1675	 * a new record.  Otherwise, we are done.
1676	 */
1677	if (ifma->ifma_protospec != 0)
1678		return ifma->ifma_protospec;
1679
1680	/* XXX - if_addmulti uses M_WAITOK.  Can this really be called
1681	   at interrupt time?  If so, need to fix if_addmulti. XXX */
1682	in6m = (struct in6_multi *)malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT);
1683	if (in6m == NULL) {
1684		splx(s);
1685		return (NULL);
1686	}
1687
1688	bzero(in6m, sizeof *in6m);
1689	in6m->in6m_addr = *maddr6;
1690	in6m->in6m_ifp = ifp;
1691	in6m->in6m_ifma = ifma;
1692	ifma->ifma_protospec = in6m;
1693	LIST_INSERT_HEAD(&in6_multihead, in6m, in6m_entry);
1694
1695	/*
1696	 * Let MLD6 know that we have joined a new IP6 multicast
1697	 * group.
1698	 */
1699	mld6_start_listening(in6m);
1700	splx(s);
1701	return(in6m);
1702}
1703
1704/*
1705 * Delete a multicast address record.
1706 */
1707void
1708in6_delmulti(in6m)
1709	struct in6_multi *in6m;
1710{
1711	struct ifmultiaddr *ifma = in6m->in6m_ifma;
1712	int	s = splnet();
1713
1714	if (ifma->ifma_refcount == 1) {
1715		/*
1716		 * No remaining claims to this record; let MLD6 know
1717		 * that we are leaving the multicast group.
1718		 */
1719		mld6_stop_listening(in6m);
1720		ifma->ifma_protospec = 0;
1721		LIST_REMOVE(in6m, in6m_entry);
1722		free(in6m, M_IPMADDR);
1723	}
1724	/* XXX - should be separate API for when we have an ifma? */
1725	if_delmulti(ifma->ifma_ifp, ifma->ifma_addr);
1726	splx(s);
1727}
1728
1729/*
1730 * Find an IPv6 interface link-local address specific to an interface.
1731 */
1732struct in6_ifaddr *
1733in6ifa_ifpforlinklocal(ifp, ignoreflags)
1734	struct ifnet *ifp;
1735	int ignoreflags;
1736{
1737	struct ifaddr *ifa;
1738
1739	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1740	{
1741		if (ifa->ifa_addr == NULL)
1742			continue;	/* just for safety */
1743		if (ifa->ifa_addr->sa_family != AF_INET6)
1744			continue;
1745		if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1746			if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1747			     ignoreflags) != 0)
1748				continue;
1749			break;
1750		}
1751	}
1752
1753	return((struct in6_ifaddr *)ifa);
1754}
1755
1756
1757/*
1758 * find the internet address corresponding to a given interface and address.
1759 */
1760struct in6_ifaddr *
1761in6ifa_ifpwithaddr(ifp, addr)
1762	struct ifnet *ifp;
1763	struct in6_addr *addr;
1764{
1765	struct ifaddr *ifa;
1766
1767	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1768	{
1769		if (ifa->ifa_addr == NULL)
1770			continue;	/* just for safety */
1771		if (ifa->ifa_addr->sa_family != AF_INET6)
1772			continue;
1773		if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa)))
1774			break;
1775	}
1776
1777	return((struct in6_ifaddr *)ifa);
1778}
1779
1780/*
1781 * Convert IP6 address to printable (loggable) representation.
1782 */
1783static char digits[] = "0123456789abcdef";
1784static int ip6round = 0;
1785char *
1786ip6_sprintf(addr)
1787	const struct in6_addr *addr;
1788{
1789	static char ip6buf[8][48];
1790	int i;
1791	char *cp;
1792	u_short *a = (u_short *)addr;
1793	u_char *d;
1794	int dcolon = 0;
1795
1796	ip6round = (ip6round + 1) & 7;
1797	cp = ip6buf[ip6round];
1798
1799	for (i = 0; i < 8; i++) {
1800		if (dcolon == 1) {
1801			if (*a == 0) {
1802				if (i == 7)
1803					*cp++ = ':';
1804				a++;
1805				continue;
1806			} else
1807				dcolon = 2;
1808		}
1809		if (*a == 0) {
1810			if (dcolon == 0 && *(a + 1) == 0) {
1811				if (i == 0)
1812					*cp++ = ':';
1813				*cp++ = ':';
1814				dcolon = 1;
1815			} else {
1816				*cp++ = '0';
1817				*cp++ = ':';
1818			}
1819			a++;
1820			continue;
1821		}
1822		d = (u_char *)a;
1823		*cp++ = digits[*d >> 4];
1824		*cp++ = digits[*d++ & 0xf];
1825		*cp++ = digits[*d >> 4];
1826		*cp++ = digits[*d & 0xf];
1827		*cp++ = ':';
1828		a++;
1829	}
1830	*--cp = 0;
1831	return(ip6buf[ip6round]);
1832}
1833
1834int
1835in6_localaddr(in6)
1836	struct in6_addr *in6;
1837{
1838	struct in6_ifaddr *ia;
1839
1840	if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1841		return 1;
1842
1843	for (ia = in6_ifaddr; ia; ia = ia->ia_next)
1844		if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1845					      &ia->ia_prefixmask.sin6_addr))
1846			return 1;
1847
1848	return (0);
1849}
1850
1851int
1852in6_is_addr_deprecated(sa6)
1853	struct sockaddr_in6 *sa6;
1854{
1855	struct in6_ifaddr *ia;
1856
1857	for (ia = in6_ifaddr; ia; ia = ia->ia_next) {
1858		if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr,
1859				       &sa6->sin6_addr) &&
1860#ifdef SCOPEDROUTING
1861		    ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id &&
1862#endif
1863		    (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0)
1864			return(1); /* true */
1865
1866		/* XXX: do we still have to go thru the rest of the list? */
1867	}
1868
1869	return(0);		/* false */
1870}
1871
1872/*
1873 * return length of part which dst and src are equal
1874 * hard coding...
1875 */
1876int
1877in6_matchlen(src, dst)
1878struct in6_addr *src, *dst;
1879{
1880	int match = 0;
1881	u_char *s = (u_char *)src, *d = (u_char *)dst;
1882	u_char *lim = s + 16, r;
1883
1884	while (s < lim)
1885		if ((r = (*d++ ^ *s++)) != 0) {
1886			while (r < 128) {
1887				match++;
1888				r <<= 1;
1889			}
1890			break;
1891		} else
1892			match += 8;
1893	return match;
1894}
1895
1896/* XXX: to be scope conscious */
1897int
1898in6_are_prefix_equal(p1, p2, len)
1899	struct in6_addr *p1, *p2;
1900	int len;
1901{
1902	int bytelen, bitlen;
1903
1904	/* sanity check */
1905	if (0 > len || len > 128) {
1906		log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1907		    len);
1908		return(0);
1909	}
1910
1911	bytelen = len / 8;
1912	bitlen = len % 8;
1913
1914	if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1915		return(0);
1916	if (p1->s6_addr[bytelen] >> (8 - bitlen) !=
1917	    p2->s6_addr[bytelen] >> (8 - bitlen))
1918		return(0);
1919
1920	return(1);
1921}
1922
1923void
1924in6_prefixlen2mask(maskp, len)
1925	struct in6_addr *maskp;
1926	int len;
1927{
1928	u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1929	int bytelen, bitlen, i;
1930
1931	/* sanity check */
1932	if (0 > len || len > 128) {
1933		log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1934		    len);
1935		return;
1936	}
1937
1938	bzero(maskp, sizeof(*maskp));
1939	bytelen = len / 8;
1940	bitlen = len % 8;
1941	for (i = 0; i < bytelen; i++)
1942		maskp->s6_addr[i] = 0xff;
1943	if (bitlen)
1944		maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1945}
1946
1947/*
1948 * return the best address out of the same scope
1949 */
1950struct in6_ifaddr *
1951in6_ifawithscope(oifp, dst)
1952	struct ifnet *oifp;
1953	struct in6_addr *dst;
1954{
1955	int dst_scope =	in6_addrscope(dst), src_scope, best_scope = 0;
1956	int blen = -1;
1957	struct ifaddr *ifa;
1958	struct ifnet *ifp;
1959	struct in6_ifaddr *ifa_best = NULL;
1960
1961	if (oifp == NULL) {
1962#if 0
1963		printf("in6_ifawithscope: output interface is not specified\n");
1964#endif
1965		return(NULL);
1966	}
1967
1968	/*
1969	 * We search for all addresses on all interfaces from the beginning.
1970	 * Comparing an interface with the outgoing interface will be done
1971	 * only at the final stage of tiebreaking.
1972	 */
1973	for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list))
1974	{
1975		/*
1976		 * We can never take an address that breaks the scope zone
1977		 * of the destination.
1978		 */
1979		if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst))
1980			continue;
1981
1982		TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
1983		{
1984			int tlen = -1, dscopecmp, bscopecmp, matchcmp;
1985
1986			if (ifa->ifa_addr->sa_family != AF_INET6)
1987				continue;
1988
1989			src_scope = in6_addrscope(IFA_IN6(ifa));
1990
1991			/*
1992			 * Don't use an address before completing DAD
1993			 * nor a duplicated address.
1994			 */
1995			if (((struct in6_ifaddr *)ifa)->ia6_flags &
1996			    IN6_IFF_NOTREADY)
1997				continue;
1998
1999			/* XXX: is there any case to allow anycasts? */
2000			if (((struct in6_ifaddr *)ifa)->ia6_flags &
2001			    IN6_IFF_ANYCAST)
2002				continue;
2003
2004			if (((struct in6_ifaddr *)ifa)->ia6_flags &
2005			    IN6_IFF_DETACHED)
2006				continue;
2007
2008			/*
2009			 * If this is the first address we find,
2010			 * keep it anyway.
2011			 */
2012			if (ifa_best == NULL)
2013				goto replace;
2014
2015			/*
2016			 * ifa_best is never NULL beyond this line except
2017			 * within the block labeled "replace".
2018			 */
2019
2020			/*
2021			 * If ifa_best has a smaller scope than dst and
2022			 * the current address has a larger one than
2023			 * (or equal to) dst, always replace ifa_best.
2024			 * Also, if the current address has a smaller scope
2025			 * than dst, ignore it unless ifa_best also has a
2026			 * smaller scope.
2027			 * Consequently, after the two if-clause below,
2028			 * the followings must be satisfied:
2029			 * (scope(src) < scope(dst) &&
2030			 *  scope(best) < scope(dst))
2031			 *  OR
2032			 * (scope(best) >= scope(dst) &&
2033			 *  scope(src) >= scope(dst))
2034			 */
2035			if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 &&
2036			    IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0)
2037				goto replace; /* (A) */
2038			if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 &&
2039			    IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0)
2040				continue; /* (B) */
2041
2042			/*
2043			 * A deprecated address SHOULD NOT be used in new
2044			 * communications if an alternate (non-deprecated)
2045			 * address is available and has sufficient scope.
2046			 * RFC 2462, Section 5.5.4.
2047			 */
2048			if (((struct in6_ifaddr *)ifa)->ia6_flags &
2049			    IN6_IFF_DEPRECATED) {
2050				/*
2051				 * Ignore any deprecated addresses if
2052				 * specified by configuration.
2053				 */
2054				if (!ip6_use_deprecated)
2055					continue;
2056
2057				/*
2058				 * If we have already found a non-deprecated
2059				 * candidate, just ignore deprecated addresses.
2060				 */
2061				if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED)
2062				    == 0)
2063					continue;
2064			}
2065
2066			/*
2067			 * A non-deprecated address is always preferred
2068			 * to a deprecated one regardless of scopes and
2069			 * address matching (Note invariants ensured by the
2070			 * conditions (A) and (B) above.)
2071			 */
2072			if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) &&
2073			    (((struct in6_ifaddr *)ifa)->ia6_flags &
2074			     IN6_IFF_DEPRECATED) == 0)
2075				goto replace;
2076
2077			/*
2078			 * When we use temporary addresses described in
2079			 * RFC 3041, we prefer temporary addresses to
2080			 * public autoconf addresses.  Again, note the
2081			 * invariants from (A) and (B).  Also note that we
2082			 * don't have any preference between static addresses
2083			 * and autoconf addresses (despite of whether or not
2084			 * the latter is temporary or public.)
2085			 */
2086			if (ip6_use_tempaddr) {
2087				struct in6_ifaddr *ifat;
2088
2089				ifat = (struct in6_ifaddr *)ifa;
2090				if ((ifa_best->ia6_flags &
2091				     (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
2092				     == IN6_IFF_AUTOCONF &&
2093				    (ifat->ia6_flags &
2094				     (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
2095				     == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) {
2096					goto replace;
2097				}
2098				if ((ifa_best->ia6_flags &
2099				     (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
2100				    == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY) &&
2101				    (ifat->ia6_flags &
2102				     (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY))
2103				     == IN6_IFF_AUTOCONF) {
2104					continue;
2105				}
2106			}
2107
2108			/*
2109			 * At this point, we have two cases:
2110			 * 1. we are looking at a non-deprecated address,
2111			 *    and ifa_best is also non-deprecated.
2112			 * 2. we are looking at a deprecated address,
2113			 *    and ifa_best is also deprecated.
2114			 * Also, we do not have to consider a case where
2115			 * the scope of if_best is larger(smaller) than dst and
2116			 * the scope of the current address is smaller(larger)
2117			 * than dst. Such a case has already been covered.
2118			 * Tiebreaking is done according to the following
2119			 * items:
2120			 * - the scope comparison between the address and
2121			 *   dst (dscopecmp)
2122			 * - the scope comparison between the address and
2123			 *   ifa_best (bscopecmp)
2124			 * - if the address match dst longer than ifa_best
2125			 *   (matchcmp)
2126			 * - if the address is on the outgoing I/F (outI/F)
2127			 *
2128			 * Roughly speaking, the selection policy is
2129			 * - the most important item is scope. The same scope
2130			 *   is best. Then search for a larger scope.
2131			 *   Smaller scopes are the last resort.
2132			 * - A deprecated address is chosen only when we have
2133			 *   no address that has an enough scope, but is
2134			 *   prefered to any addresses of smaller scopes
2135			 *   (this must be already done above.)
2136			 * - addresses on the outgoing I/F are preferred to
2137			 *   ones on other interfaces if none of above
2138			 *   tiebreaks.  In the table below, the column "bI"
2139			 *   means if the best_ifa is on the outgoing
2140			 *   interface, and the column "sI" means if the ifa
2141			 *   is on the outgoing interface.
2142			 * - If there is no other reasons to choose one,
2143			 *   longest address match against dst is considered.
2144			 *
2145			 * The precise decision table is as follows:
2146			 * dscopecmp bscopecmp    match  bI oI | replace?
2147			 *       N/A     equal      N/A   Y  N |   No (1)
2148			 *       N/A     equal      N/A   N  Y |  Yes (2)
2149			 *       N/A     equal   larger    N/A |  Yes (3)
2150			 *       N/A     equal  !larger    N/A |   No (4)
2151			 *    larger    larger      N/A    N/A |   No (5)
2152			 *    larger   smaller      N/A    N/A |  Yes (6)
2153			 *   smaller    larger      N/A    N/A |  Yes (7)
2154			 *   smaller   smaller      N/A    N/A |   No (8)
2155			 *     equal   smaller      N/A    N/A |  Yes (9)
2156			 *     equal    larger       (already done at A above)
2157			 */
2158			dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope);
2159			bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope);
2160
2161			if (bscopecmp == 0) {
2162				struct ifnet *bifp = ifa_best->ia_ifp;
2163
2164				if (bifp == oifp && ifp != oifp) /* (1) */
2165					continue;
2166				if (bifp != oifp && ifp == oifp) /* (2) */
2167					goto replace;
2168
2169				/*
2170				 * Both bifp and ifp are on the outgoing
2171				 * interface, or both two are on a different
2172				 * interface from the outgoing I/F.
2173				 * now we need address matching against dst
2174				 * for tiebreaking.
2175				 */
2176				tlen = in6_matchlen(IFA_IN6(ifa), dst);
2177				matchcmp = tlen - blen;
2178				if (matchcmp > 0) /* (3) */
2179					goto replace;
2180				continue; /* (4) */
2181			}
2182			if (dscopecmp > 0) {
2183				if (bscopecmp > 0) /* (5) */
2184					continue;
2185				goto replace; /* (6) */
2186			}
2187			if (dscopecmp < 0) {
2188				if (bscopecmp > 0) /* (7) */
2189					goto replace;
2190				continue; /* (8) */
2191			}
2192
2193			/* now dscopecmp must be 0 */
2194			if (bscopecmp < 0)
2195				goto replace; /* (9) */
2196
2197		  replace:
2198			ifa_best = (struct in6_ifaddr *)ifa;
2199			blen = tlen >= 0 ? tlen :
2200				in6_matchlen(IFA_IN6(ifa), dst);
2201			best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr);
2202		}
2203	}
2204
2205	/* count statistics for future improvements */
2206	if (ifa_best == NULL)
2207		ip6stat.ip6s_sources_none++;
2208	else {
2209		if (oifp == ifa_best->ia_ifp)
2210			ip6stat.ip6s_sources_sameif[best_scope]++;
2211		else
2212			ip6stat.ip6s_sources_otherif[best_scope]++;
2213
2214		if (best_scope == dst_scope)
2215			ip6stat.ip6s_sources_samescope[best_scope]++;
2216		else
2217			ip6stat.ip6s_sources_otherscope[best_scope]++;
2218
2219		if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0)
2220			ip6stat.ip6s_sources_deprecated[best_scope]++;
2221	}
2222
2223	return(ifa_best);
2224}
2225
2226/*
2227 * return the best address out of the same scope. if no address was
2228 * found, return the first valid address from designated IF.
2229 */
2230struct in6_ifaddr *
2231in6_ifawithifp(ifp, dst)
2232	struct ifnet *ifp;
2233	struct in6_addr *dst;
2234{
2235	int dst_scope =	in6_addrscope(dst), blen = -1, tlen;
2236	struct ifaddr *ifa;
2237	struct in6_ifaddr *besta = 0;
2238	struct in6_ifaddr *dep[2];	/*last-resort: deprecated*/
2239
2240	dep[0] = dep[1] = NULL;
2241
2242	/*
2243	 * We first look for addresses in the same scope.
2244	 * If there is one, return it.
2245	 * If two or more, return one which matches the dst longest.
2246	 * If none, return one of global addresses assigned other ifs.
2247	 */
2248	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2249	{
2250		if (ifa->ifa_addr->sa_family != AF_INET6)
2251			continue;
2252		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2253			continue; /* XXX: is there any case to allow anycast? */
2254		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2255			continue; /* don't use this interface */
2256		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2257			continue;
2258		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2259			if (ip6_use_deprecated)
2260				dep[0] = (struct in6_ifaddr *)ifa;
2261			continue;
2262		}
2263
2264		if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2265			/*
2266			 * call in6_matchlen() as few as possible
2267			 */
2268			if (besta) {
2269				if (blen == -1)
2270					blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2271				tlen = in6_matchlen(IFA_IN6(ifa), dst);
2272				if (tlen > blen) {
2273					blen = tlen;
2274					besta = (struct in6_ifaddr *)ifa;
2275				}
2276			} else
2277				besta = (struct in6_ifaddr *)ifa;
2278		}
2279	}
2280	if (besta)
2281		return(besta);
2282
2283	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2284	{
2285		if (ifa->ifa_addr->sa_family != AF_INET6)
2286			continue;
2287		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2288			continue; /* XXX: is there any case to allow anycast? */
2289		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2290			continue; /* don't use this interface */
2291		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2292			continue;
2293		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2294			if (ip6_use_deprecated)
2295				dep[1] = (struct in6_ifaddr *)ifa;
2296			continue;
2297		}
2298
2299		return (struct in6_ifaddr *)ifa;
2300	}
2301
2302	/* use the last-resort values, that are, deprecated addresses */
2303	if (dep[0])
2304		return dep[0];
2305	if (dep[1])
2306		return dep[1];
2307
2308	return NULL;
2309}
2310
2311/*
2312 * perform DAD when interface becomes IFF_UP.
2313 */
2314void
2315in6_if_up(ifp)
2316	struct ifnet *ifp;
2317{
2318	struct ifaddr *ifa;
2319	struct in6_ifaddr *ia;
2320	int dad_delay;		/* delay ticks before DAD output */
2321
2322	/*
2323	 * special cases, like 6to4, are handled in in6_ifattach
2324	 */
2325	in6_ifattach(ifp, NULL);
2326
2327	dad_delay = 0;
2328	TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list)
2329	{
2330		if (ifa->ifa_addr->sa_family != AF_INET6)
2331			continue;
2332		ia = (struct in6_ifaddr *)ifa;
2333		if (ia->ia6_flags & IN6_IFF_TENTATIVE)
2334			nd6_dad_start(ifa, &dad_delay);
2335	}
2336}
2337
2338int
2339in6if_do_dad(ifp)
2340	struct ifnet *ifp;
2341{
2342	if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2343		return(0);
2344
2345	switch (ifp->if_type) {
2346#ifdef IFT_DUMMY
2347	case IFT_DUMMY:
2348#endif
2349	case IFT_FAITH:
2350		/*
2351		 * These interfaces do not have the IFF_LOOPBACK flag,
2352		 * but loop packets back.  We do not have to do DAD on such
2353		 * interfaces.  We should even omit it, because loop-backed
2354		 * NS would confuse the DAD procedure.
2355		 */
2356		return(0);
2357	default:
2358		/*
2359		 * Our DAD routine requires the interface up and running.
2360		 * However, some interfaces can be up before the RUNNING
2361		 * status.  Additionaly, users may try to assign addresses
2362		 * before the interface becomes up (or running).
2363		 * We simply skip DAD in such a case as a work around.
2364		 * XXX: we should rather mark "tentative" on such addresses,
2365		 * and do DAD after the interface becomes ready.
2366		 */
2367		if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) !=
2368		    (IFF_UP|IFF_RUNNING))
2369			return(0);
2370
2371		return(1);
2372	}
2373}
2374
2375/*
2376 * Calculate max IPv6 MTU through all the interfaces and store it
2377 * to in6_maxmtu.
2378 */
2379void
2380in6_setmaxmtu()
2381{
2382	unsigned long maxmtu = 0;
2383	struct ifnet *ifp;
2384
2385	for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list))
2386	{
2387		if ((ifp->if_flags & IFF_LOOPBACK) == 0 &&
2388		    nd_ifinfo[ifp->if_index].linkmtu > maxmtu)
2389			maxmtu =  nd_ifinfo[ifp->if_index].linkmtu;
2390	}
2391	if (maxmtu)	/* update only when maxmtu is positive */
2392		in6_maxmtu = maxmtu;
2393}
2394
2395/*
2396 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be
2397 * v4 mapped addr or v4 compat addr
2398 */
2399void
2400in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2401{
2402	bzero(sin, sizeof(*sin));
2403	sin->sin_len = sizeof(struct sockaddr_in);
2404	sin->sin_family = AF_INET;
2405	sin->sin_port = sin6->sin6_port;
2406	sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2407}
2408
2409/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2410void
2411in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2412{
2413	bzero(sin6, sizeof(*sin6));
2414	sin6->sin6_len = sizeof(struct sockaddr_in6);
2415	sin6->sin6_family = AF_INET6;
2416	sin6->sin6_port = sin->sin_port;
2417	sin6->sin6_addr.s6_addr32[0] = 0;
2418	sin6->sin6_addr.s6_addr32[1] = 0;
2419	sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2420	sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2421}
2422
2423/* Convert sockaddr_in6 into sockaddr_in. */
2424void
2425in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2426{
2427	struct sockaddr_in *sin_p;
2428	struct sockaddr_in6 sin6;
2429
2430	/*
2431	 * Save original sockaddr_in6 addr and convert it
2432	 * to sockaddr_in.
2433	 */
2434	sin6 = *(struct sockaddr_in6 *)nam;
2435	sin_p = (struct sockaddr_in *)nam;
2436	in6_sin6_2_sin(sin_p, &sin6);
2437}
2438
2439/* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */
2440void
2441in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam)
2442{
2443	struct sockaddr_in *sin_p;
2444	struct sockaddr_in6 *sin6_p;
2445
2446	MALLOC(sin6_p, struct sockaddr_in6 *, sizeof *sin6_p, M_SONAME,
2447	       M_WAITOK);
2448	sin_p = (struct sockaddr_in *)*nam;
2449	in6_sin_2_v4mapsin6(sin_p, sin6_p);
2450	FREE(*nam, M_SONAME);
2451	*nam = (struct sockaddr *)sin6_p;
2452}
2453