17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
577c67f2fSkcpoon * Common Development and Distribution License (the "License").
677c67f2fSkcpoon * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate *
87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate * and limitations under the License.
127c478bd9Sstevel@tonic-gate *
137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate *
197c478bd9Sstevel@tonic-gate * CDDL HEADER END
207c478bd9Sstevel@tonic-gate */
2177c67f2fSkcpoon
227c478bd9Sstevel@tonic-gate /*
23481845d8SGeorge Shepherd * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
247c478bd9Sstevel@tonic-gate */
257c478bd9Sstevel@tonic-gate
267c478bd9Sstevel@tonic-gate #include <sys/types.h>
277c478bd9Sstevel@tonic-gate #include <sys/systm.h>
287c478bd9Sstevel@tonic-gate #include <sys/stream.h>
297c478bd9Sstevel@tonic-gate #include <sys/ddi.h>
307c478bd9Sstevel@tonic-gate #include <sys/sunddi.h>
317c478bd9Sstevel@tonic-gate #include <sys/strsubr.h>
327c478bd9Sstevel@tonic-gate #include <sys/strsun.h>
337c478bd9Sstevel@tonic-gate
347c478bd9Sstevel@tonic-gate #include <netinet/in.h>
357c478bd9Sstevel@tonic-gate #include <netinet/ip6.h>
367c478bd9Sstevel@tonic-gate
37bd670b35SErik Nordmark #include <inet/ipsec_impl.h>
387c478bd9Sstevel@tonic-gate #include <inet/common.h>
397c478bd9Sstevel@tonic-gate #include <inet/ip.h>
407c478bd9Sstevel@tonic-gate #include <inet/ip6.h>
417c478bd9Sstevel@tonic-gate #include <inet/mib2.h>
427c478bd9Sstevel@tonic-gate #include <inet/nd.h>
437c478bd9Sstevel@tonic-gate #include <inet/optcom.h>
447c478bd9Sstevel@tonic-gate #include <inet/sctp_ip.h>
45f4b3ec61Sdh #include <inet/ipclassifier.h>
467c478bd9Sstevel@tonic-gate #include "sctp_impl.h"
477c478bd9Sstevel@tonic-gate
487c478bd9Sstevel@tonic-gate void
sctp_send_shutdown(sctp_t * sctp,int rexmit)497c478bd9Sstevel@tonic-gate sctp_send_shutdown(sctp_t *sctp, int rexmit)
507c478bd9Sstevel@tonic-gate {
517c478bd9Sstevel@tonic-gate mblk_t *smp;
527c478bd9Sstevel@tonic-gate mblk_t *sendmp;
537c478bd9Sstevel@tonic-gate sctp_chunk_hdr_t *sch;
547c478bd9Sstevel@tonic-gate uint32_t *ctsn;
557c478bd9Sstevel@tonic-gate sctp_faddr_t *fp;
56f4b3ec61Sdh sctp_stack_t *sctps = sctp->sctp_sctps;
577c478bd9Sstevel@tonic-gate
587c478bd9Sstevel@tonic-gate if (sctp->sctp_state != SCTPS_ESTABLISHED &&
597c478bd9Sstevel@tonic-gate sctp->sctp_state != SCTPS_SHUTDOWN_PENDING &&
607c478bd9Sstevel@tonic-gate sctp->sctp_state != SCTPS_SHUTDOWN_SENT) {
617c478bd9Sstevel@tonic-gate return;
627c478bd9Sstevel@tonic-gate }
637c478bd9Sstevel@tonic-gate
647c478bd9Sstevel@tonic-gate if (sctp->sctp_state == SCTPS_ESTABLISHED) {
657c478bd9Sstevel@tonic-gate sctp->sctp_state = SCTPS_SHUTDOWN_PENDING;
667c478bd9Sstevel@tonic-gate /*
677c478bd9Sstevel@tonic-gate * We set an upper bound on how long we will
687c478bd9Sstevel@tonic-gate * wait for a shutdown-ack from the peer. This
697c478bd9Sstevel@tonic-gate * is to prevent the receiver from attempting
707c478bd9Sstevel@tonic-gate * to create a half-closed state indefinately.
717c478bd9Sstevel@tonic-gate * See archive from IETF TSVWG mailing list
727c478bd9Sstevel@tonic-gate * for June 2001 for more information.
737c478bd9Sstevel@tonic-gate * Since we will not be calculating RTTs after
747c478bd9Sstevel@tonic-gate * sending the shutdown, we can overload out_time
757c478bd9Sstevel@tonic-gate * to track how long we have waited.
767c478bd9Sstevel@tonic-gate */
77d3d50737SRafael Vanoni sctp->sctp_out_time = ddi_get_lbolt64();
787c478bd9Sstevel@tonic-gate }
797c478bd9Sstevel@tonic-gate
807c478bd9Sstevel@tonic-gate /*
817c478bd9Sstevel@tonic-gate * If there is unsent (or unacked) data, wait for it to get ack'd
827c478bd9Sstevel@tonic-gate */
837c478bd9Sstevel@tonic-gate if (sctp->sctp_xmit_head != NULL || sctp->sctp_xmit_unsent != NULL) {
847c478bd9Sstevel@tonic-gate return;
857c478bd9Sstevel@tonic-gate }
867c478bd9Sstevel@tonic-gate
877c478bd9Sstevel@tonic-gate /* rotate faddrs if we are retransmitting */
887c478bd9Sstevel@tonic-gate if (!rexmit) {
897c478bd9Sstevel@tonic-gate fp = sctp->sctp_current;
907c478bd9Sstevel@tonic-gate } else {
917c478bd9Sstevel@tonic-gate fp = sctp_rotate_faddr(sctp, sctp->sctp_shutdown_faddr);
927c478bd9Sstevel@tonic-gate }
937c478bd9Sstevel@tonic-gate
947c478bd9Sstevel@tonic-gate sctp->sctp_shutdown_faddr = fp;
957c478bd9Sstevel@tonic-gate
967c478bd9Sstevel@tonic-gate /* Link in a SACK if resending the shutdown */
977c478bd9Sstevel@tonic-gate if (sctp->sctp_state > SCTPS_SHUTDOWN_PENDING &&
987c478bd9Sstevel@tonic-gate (sendmp = sctp_make_sack(sctp, fp, NULL)) != NULL) {
997c478bd9Sstevel@tonic-gate
1007c478bd9Sstevel@tonic-gate smp = allocb(sizeof (*sch) + sizeof (*ctsn), BPRI_MED);
1017c478bd9Sstevel@tonic-gate if (smp == NULL) {
1027c478bd9Sstevel@tonic-gate freemsg(sendmp);
1037c478bd9Sstevel@tonic-gate goto done;
1047c478bd9Sstevel@tonic-gate }
1057c478bd9Sstevel@tonic-gate linkb(sendmp, smp);
1067c478bd9Sstevel@tonic-gate
1077c478bd9Sstevel@tonic-gate sch = (sctp_chunk_hdr_t *)smp->b_rptr;
1087c478bd9Sstevel@tonic-gate smp->b_wptr = smp->b_rptr + sizeof (*sch) + sizeof (*ctsn);
1097c478bd9Sstevel@tonic-gate } else {
1107c478bd9Sstevel@tonic-gate sendmp = sctp_make_mp(sctp, fp,
1117c478bd9Sstevel@tonic-gate sizeof (*sch) + sizeof (*ctsn));
1127c478bd9Sstevel@tonic-gate if (sendmp == NULL) {
113f4b3ec61Sdh SCTP_KSTAT(sctps, sctp_send_shutdown_failed);
1147c478bd9Sstevel@tonic-gate goto done;
1157c478bd9Sstevel@tonic-gate }
1167c478bd9Sstevel@tonic-gate sch = (sctp_chunk_hdr_t *)sendmp->b_wptr;
1177c478bd9Sstevel@tonic-gate sendmp->b_wptr += sizeof (*sch) + sizeof (*ctsn);
1187c478bd9Sstevel@tonic-gate
1197c478bd9Sstevel@tonic-gate /* shutdown w/o sack, update lastacked */
1207c478bd9Sstevel@tonic-gate sctp->sctp_lastacked = sctp->sctp_ftsn - 1;
1217c478bd9Sstevel@tonic-gate }
1227c478bd9Sstevel@tonic-gate
1237c478bd9Sstevel@tonic-gate sch->sch_id = CHUNK_SHUTDOWN;
1247c478bd9Sstevel@tonic-gate sch->sch_flags = 0;
1257c478bd9Sstevel@tonic-gate sch->sch_len = htons(sizeof (*sch) + sizeof (*ctsn));
1267c478bd9Sstevel@tonic-gate
1277c478bd9Sstevel@tonic-gate ctsn = (uint32_t *)(sch + 1);
1287c478bd9Sstevel@tonic-gate *ctsn = htonl(sctp->sctp_lastacked);
1297c478bd9Sstevel@tonic-gate
1307c478bd9Sstevel@tonic-gate /* Link the shutdown chunk in after the IP/SCTP header */
1317c478bd9Sstevel@tonic-gate
1327c478bd9Sstevel@tonic-gate BUMP_LOCAL(sctp->sctp_obchunks);
1337c478bd9Sstevel@tonic-gate
1347c478bd9Sstevel@tonic-gate /* Send the shutdown and restart the timer */
135*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India sctp_set_iplen(sctp, sendmp, fp->sf_ixa);
136*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India (void) conn_ip_output(sendmp, fp->sf_ixa);
137bd670b35SErik Nordmark BUMP_LOCAL(sctp->sctp_opkts);
1387c478bd9Sstevel@tonic-gate
1397c478bd9Sstevel@tonic-gate done:
1407c478bd9Sstevel@tonic-gate sctp->sctp_state = SCTPS_SHUTDOWN_SENT;
1417c478bd9Sstevel@tonic-gate SCTP_FADDR_TIMER_RESTART(sctp, sctp->sctp_current,
142*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India sctp->sctp_current->sf_rto);
1437c478bd9Sstevel@tonic-gate }
1447c478bd9Sstevel@tonic-gate
1457c478bd9Sstevel@tonic-gate int
sctp_shutdown_received(sctp_t * sctp,sctp_chunk_hdr_t * sch,boolean_t crwsd,boolean_t rexmit,sctp_faddr_t * fp)14677c67f2fSkcpoon sctp_shutdown_received(sctp_t *sctp, sctp_chunk_hdr_t *sch, boolean_t crwsd,
14777c67f2fSkcpoon boolean_t rexmit, sctp_faddr_t *fp)
1487c478bd9Sstevel@tonic-gate {
1497c478bd9Sstevel@tonic-gate mblk_t *samp;
1507c478bd9Sstevel@tonic-gate uint32_t *tsn;
1517c478bd9Sstevel@tonic-gate int trysend = 0;
1527c478bd9Sstevel@tonic-gate
1537c478bd9Sstevel@tonic-gate if (sctp->sctp_state != SCTPS_SHUTDOWN_ACK_SENT)
1547c478bd9Sstevel@tonic-gate sctp->sctp_state = SCTPS_SHUTDOWN_RECEIVED;
1557c478bd9Sstevel@tonic-gate
1567c478bd9Sstevel@tonic-gate /* Extract and process the TSN in the shutdown chunk */
1577c478bd9Sstevel@tonic-gate if (sch != NULL) {
1587c478bd9Sstevel@tonic-gate tsn = (uint32_t *)(sch + 1);
159e18a8f3aSchandrasekar marimuthu - Sun Microsystems - Bangalore India /* not already acked */
160e18a8f3aSchandrasekar marimuthu - Sun Microsystems - Bangalore India if (!SEQ_LT(ntohl(*tsn), sctp->sctp_lastack_rxd))
161e18a8f3aSchandrasekar marimuthu - Sun Microsystems - Bangalore India trysend = sctp_cumack(sctp, ntohl(*tsn), &samp);
1627c478bd9Sstevel@tonic-gate }
1637c478bd9Sstevel@tonic-gate
1647c478bd9Sstevel@tonic-gate /* Don't allow sending new data */
165c31292eeSkcpoon if (!SCTP_IS_DETACHED(sctp) && !sctp->sctp_ulp_discon_done) {
1660f1702c5SYu Xiangning sctp->sctp_ulp_opctl(sctp->sctp_ulpd, SOCK_OPCTL_SHUT_SEND, 0);
167c31292eeSkcpoon sctp->sctp_ulp_discon_done = B_TRUE;
168c31292eeSkcpoon }
1697c478bd9Sstevel@tonic-gate
1707c478bd9Sstevel@tonic-gate /*
1717c478bd9Sstevel@tonic-gate * If there is unsent or unacked data, try sending them out now.
1727c478bd9Sstevel@tonic-gate * The other side should acknowledge them. After we have flushed
1737c478bd9Sstevel@tonic-gate * the transmit queue, we can complete the shutdown sequence.
1747c478bd9Sstevel@tonic-gate */
1757c478bd9Sstevel@tonic-gate if (sctp->sctp_xmit_head != NULL || sctp->sctp_xmit_unsent != NULL)
1767c478bd9Sstevel@tonic-gate return (1);
1777c478bd9Sstevel@tonic-gate
17877c67f2fSkcpoon if (fp == NULL) {
17977c67f2fSkcpoon /* rotate faddrs if we are retransmitting */
18077c67f2fSkcpoon if (!rexmit)
18177c67f2fSkcpoon fp = sctp->sctp_current;
18277c67f2fSkcpoon else
18377c67f2fSkcpoon fp = sctp_rotate_faddr(sctp, sctp->sctp_shutdown_faddr);
18477c67f2fSkcpoon }
1857c478bd9Sstevel@tonic-gate
1863e1dae9fSAnil udupa sctp_send_shutdown_ack(sctp, fp, crwsd);
1877c478bd9Sstevel@tonic-gate
1887c478bd9Sstevel@tonic-gate return (trysend);
1897c478bd9Sstevel@tonic-gate }
1907c478bd9Sstevel@tonic-gate
1917c478bd9Sstevel@tonic-gate void
sctp_shutdown_complete(sctp_t * sctp)1927c478bd9Sstevel@tonic-gate sctp_shutdown_complete(sctp_t *sctp)
1937c478bd9Sstevel@tonic-gate {
1947c478bd9Sstevel@tonic-gate mblk_t *scmp;
1957c478bd9Sstevel@tonic-gate sctp_chunk_hdr_t *scch;
196f4b3ec61Sdh sctp_stack_t *sctps = sctp->sctp_sctps;
1977c478bd9Sstevel@tonic-gate
198bd670b35SErik Nordmark scmp = sctp_make_mp(sctp, sctp->sctp_current, sizeof (*scch));
1997c478bd9Sstevel@tonic-gate if (scmp == NULL) {
2007c478bd9Sstevel@tonic-gate /* XXX use timer approach */
201f4b3ec61Sdh SCTP_KSTAT(sctps, sctp_send_shutdown_comp_failed);
2027c478bd9Sstevel@tonic-gate return;
2037c478bd9Sstevel@tonic-gate }
2047c478bd9Sstevel@tonic-gate
2057c478bd9Sstevel@tonic-gate scch = (sctp_chunk_hdr_t *)scmp->b_wptr;
2067c478bd9Sstevel@tonic-gate scch->sch_id = CHUNK_SHUTDOWN_COMPLETE;
2077c478bd9Sstevel@tonic-gate scch->sch_flags = 0;
2087c478bd9Sstevel@tonic-gate scch->sch_len = htons(sizeof (*scch));
2097c478bd9Sstevel@tonic-gate
2107c478bd9Sstevel@tonic-gate scmp->b_wptr += sizeof (*scch);
2117c478bd9Sstevel@tonic-gate
2127c478bd9Sstevel@tonic-gate BUMP_LOCAL(sctp->sctp_obchunks);
2137c478bd9Sstevel@tonic-gate
214*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India sctp_set_iplen(sctp, scmp, sctp->sctp_current->sf_ixa);
215*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India (void) conn_ip_output(scmp, sctp->sctp_current->sf_ixa);
216bd670b35SErik Nordmark BUMP_LOCAL(sctp->sctp_opkts);
2177c478bd9Sstevel@tonic-gate }
2187c478bd9Sstevel@tonic-gate
2197c478bd9Sstevel@tonic-gate /*
2207c478bd9Sstevel@tonic-gate * Similar to sctp_shutdown_complete(), except that since this
2217c478bd9Sstevel@tonic-gate * is out-of-the-blue, we can't use an sctp's association information,
2227c478bd9Sstevel@tonic-gate * and instead must draw all necessary info from the incoming packet.
2237c478bd9Sstevel@tonic-gate */
2247c478bd9Sstevel@tonic-gate void
sctp_ootb_shutdown_ack(mblk_t * mp,uint_t ip_hdr_len,ip_recv_attr_t * ira,ip_stack_t * ipst)225bd670b35SErik Nordmark sctp_ootb_shutdown_ack(mblk_t *mp, uint_t ip_hdr_len, ip_recv_attr_t *ira,
226bd670b35SErik Nordmark ip_stack_t *ipst)
2277c478bd9Sstevel@tonic-gate {
2287c478bd9Sstevel@tonic-gate boolean_t isv4;
229bd670b35SErik Nordmark ipha_t *ipha = NULL;
230bd670b35SErik Nordmark ip6_t *ip6h = NULL;
2317c478bd9Sstevel@tonic-gate sctp_hdr_t *insctph;
2327c478bd9Sstevel@tonic-gate sctp_chunk_hdr_t *scch;
2337c478bd9Sstevel@tonic-gate int i;
2347c478bd9Sstevel@tonic-gate uint16_t port;
2357c478bd9Sstevel@tonic-gate mblk_t *mp1;
236bd670b35SErik Nordmark netstack_t *ns = ipst->ips_netstack;
237bd670b35SErik Nordmark sctp_stack_t *sctps = ns->netstack_sctp;
238bd670b35SErik Nordmark ip_xmit_attr_t ixas;
2397c478bd9Sstevel@tonic-gate
240bd670b35SErik Nordmark bzero(&ixas, sizeof (ixas));
2417c478bd9Sstevel@tonic-gate
242bd670b35SErik Nordmark isv4 = (IPH_HDR_VERSION(mp->b_rptr) == IPV4_VERSION);
243bd670b35SErik Nordmark
244bd670b35SErik Nordmark ASSERT(MBLKL(mp) >= sizeof (*insctph) + sizeof (*scch) +
245bd670b35SErik Nordmark (isv4 ? sizeof (ipha_t) : sizeof (ip6_t)));
2467c478bd9Sstevel@tonic-gate
2477c478bd9Sstevel@tonic-gate /*
2487c478bd9Sstevel@tonic-gate * Check to see if we can reuse the incoming mblk. There should
249bd670b35SErik Nordmark * not be other reference. Since this packet comes from below,
2507c478bd9Sstevel@tonic-gate * there should be enough header space to fill in what the lower
251bd670b35SErik Nordmark * layers want to add.
2527c478bd9Sstevel@tonic-gate */
253bd670b35SErik Nordmark if (DB_REF(mp) != 1) {
254bd670b35SErik Nordmark mp1 = allocb(MBLKL(mp) + sctps->sctps_wroff_xtra, BPRI_MED);
2557c478bd9Sstevel@tonic-gate if (mp1 == NULL) {
256bd670b35SErik Nordmark freeb(mp);
2577c478bd9Sstevel@tonic-gate return;
2587c478bd9Sstevel@tonic-gate }
259f4b3ec61Sdh mp1->b_rptr += sctps->sctps_wroff_xtra;
260bd670b35SErik Nordmark bcopy(mp->b_rptr, mp1->b_rptr, MBLKL(mp));
261bd670b35SErik Nordmark freeb(mp);
262bd670b35SErik Nordmark mp = mp1;
263769b977dSvi } else {
264bd670b35SErik Nordmark DB_CKSUMFLAGS(mp) = 0;
2657c478bd9Sstevel@tonic-gate }
2667c478bd9Sstevel@tonic-gate
267bd670b35SErik Nordmark ixas.ixa_pktlen = ip_hdr_len + sizeof (*insctph) + sizeof (*scch);
268bd670b35SErik Nordmark ixas.ixa_ip_hdr_length = ip_hdr_len;
269481845d8SGeorge Shepherd mp->b_wptr = (mp->b_rptr + ixas.ixa_pktlen);
270481845d8SGeorge Shepherd
2717c478bd9Sstevel@tonic-gate /*
2727c478bd9Sstevel@tonic-gate * We follow the logic in tcp_xmit_early_reset() in that we skip
273bd670b35SErik Nordmark * reversing source route (i.e. replace all IP options with EOL).
2747c478bd9Sstevel@tonic-gate */
2757c478bd9Sstevel@tonic-gate if (isv4) {
2767c478bd9Sstevel@tonic-gate ipaddr_t v4addr;
2777c478bd9Sstevel@tonic-gate
278bd670b35SErik Nordmark ipha = (ipha_t *)mp->b_rptr;
2797c478bd9Sstevel@tonic-gate for (i = IP_SIMPLE_HDR_LENGTH; i < (int)ip_hdr_len; i++)
280bd670b35SErik Nordmark mp->b_rptr[i] = IPOPT_EOL;
2817c478bd9Sstevel@tonic-gate /* Swap addresses */
282bd670b35SErik Nordmark ipha->ipha_length = htons(ixas.ixa_pktlen);
283bd670b35SErik Nordmark v4addr = ipha->ipha_src;
284bd670b35SErik Nordmark ipha->ipha_src = ipha->ipha_dst;
285bd670b35SErik Nordmark ipha->ipha_dst = v4addr;
286bd670b35SErik Nordmark ipha->ipha_ident = 0;
287bd670b35SErik Nordmark ipha->ipha_ttl = (uchar_t)sctps->sctps_ipv4_ttl;
288bd670b35SErik Nordmark
289bd670b35SErik Nordmark ixas.ixa_flags = IXAF_BASIC_SIMPLE_V4;
2907c478bd9Sstevel@tonic-gate } else {
2917c478bd9Sstevel@tonic-gate in6_addr_t v6addr;
2927c478bd9Sstevel@tonic-gate
293bd670b35SErik Nordmark ip6h = (ip6_t *)mp->b_rptr;
2947c478bd9Sstevel@tonic-gate /* Remove any extension headers assuming partial overlay */
2957c478bd9Sstevel@tonic-gate if (ip_hdr_len > IPV6_HDR_LEN) {
2967c478bd9Sstevel@tonic-gate uint8_t *to;
2977c478bd9Sstevel@tonic-gate
298bd670b35SErik Nordmark to = mp->b_rptr + ip_hdr_len - IPV6_HDR_LEN;
299bd670b35SErik Nordmark ovbcopy(ip6h, to, IPV6_HDR_LEN);
300bd670b35SErik Nordmark mp->b_rptr += ip_hdr_len - IPV6_HDR_LEN;
3017c478bd9Sstevel@tonic-gate ip_hdr_len = IPV6_HDR_LEN;
302bd670b35SErik Nordmark ip6h = (ip6_t *)mp->b_rptr;
303bd670b35SErik Nordmark ip6h->ip6_nxt = IPPROTO_SCTP;
304bd670b35SErik Nordmark }
305bd670b35SErik Nordmark ip6h->ip6_plen = htons(ixas.ixa_pktlen - IPV6_HDR_LEN);
306bd670b35SErik Nordmark v6addr = ip6h->ip6_src;
307bd670b35SErik Nordmark ip6h->ip6_src = ip6h->ip6_dst;
308bd670b35SErik Nordmark ip6h->ip6_dst = v6addr;
309bd670b35SErik Nordmark ip6h->ip6_hops = (uchar_t)sctps->sctps_ipv6_hoplimit;
310bd670b35SErik Nordmark
311bd670b35SErik Nordmark ixas.ixa_flags = IXAF_BASIC_SIMPLE_V6;
312bd670b35SErik Nordmark if (IN6_IS_ADDR_LINKSCOPE(&ip6h->ip6_dst)) {
313bd670b35SErik Nordmark ixas.ixa_flags |= IXAF_SCOPEID_SET;
314bd670b35SErik Nordmark ixas.ixa_scopeid = ira->ira_ruifindex;
3157c478bd9Sstevel@tonic-gate }
3167c478bd9Sstevel@tonic-gate }
317bd670b35SErik Nordmark
318bd670b35SErik Nordmark insctph = (sctp_hdr_t *)(mp->b_rptr + ip_hdr_len);
3197c478bd9Sstevel@tonic-gate
3207c478bd9Sstevel@tonic-gate /* Swap ports. Verification tag is reused. */
3217c478bd9Sstevel@tonic-gate port = insctph->sh_sport;
3227c478bd9Sstevel@tonic-gate insctph->sh_sport = insctph->sh_dport;
3237c478bd9Sstevel@tonic-gate insctph->sh_dport = port;
3247c478bd9Sstevel@tonic-gate
3257c478bd9Sstevel@tonic-gate /* Lay in the shutdown complete chunk */
3267c478bd9Sstevel@tonic-gate scch = (sctp_chunk_hdr_t *)(insctph + 1);
3277c478bd9Sstevel@tonic-gate scch->sch_id = CHUNK_SHUTDOWN_COMPLETE;
3287c478bd9Sstevel@tonic-gate scch->sch_len = htons(sizeof (*scch));
3297c478bd9Sstevel@tonic-gate scch->sch_flags = 0;
3307c478bd9Sstevel@tonic-gate
3317c478bd9Sstevel@tonic-gate /* Set the T-bit */
3327c478bd9Sstevel@tonic-gate SCTP_SET_TBIT(scch);
3337c478bd9Sstevel@tonic-gate
334bd670b35SErik Nordmark ixas.ixa_protocol = IPPROTO_SCTP;
335bd670b35SErik Nordmark ixas.ixa_zoneid = ira->ira_zoneid;
336bd670b35SErik Nordmark ixas.ixa_ipst = ipst;
337bd670b35SErik Nordmark ixas.ixa_ifindex = 0;
338bd670b35SErik Nordmark
339bd670b35SErik Nordmark if (ira->ira_flags & IRAF_IPSEC_SECURE) {
340bd670b35SErik Nordmark /*
341bd670b35SErik Nordmark * Apply IPsec based on how IPsec was applied to
342bd670b35SErik Nordmark * the packet that was out of the blue.
343bd670b35SErik Nordmark */
344bd670b35SErik Nordmark if (!ipsec_in_to_out(ira, &ixas, mp, ipha, ip6h)) {
345bd670b35SErik Nordmark BUMP_MIB(&ipst->ips_ip_mib, ipIfStatsOutDiscards);
346bd670b35SErik Nordmark /* Note: mp already consumed and ip_drop_packet done */
347bd670b35SErik Nordmark return;
348bd670b35SErik Nordmark }
349bd670b35SErik Nordmark } else {
350bd670b35SErik Nordmark /*
351bd670b35SErik Nordmark * This is in clear. The message we are building
352bd670b35SErik Nordmark * here should go out in clear, independent of our policy.
353bd670b35SErik Nordmark */
354bd670b35SErik Nordmark ixas.ixa_flags |= IXAF_NO_IPSEC;
355bd670b35SErik Nordmark }
3567c478bd9Sstevel@tonic-gate
357bd670b35SErik Nordmark (void) ip_output_simple(mp, &ixas);
358bd670b35SErik Nordmark ixa_cleanup(&ixas);
3597c478bd9Sstevel@tonic-gate }
3603e1dae9fSAnil udupa
3613e1dae9fSAnil udupa /*
3623e1dae9fSAnil udupa * Called from sctp_input_data() and sctp_shutdown_received().
3633e1dae9fSAnil udupa * Send a SHUTDOWN ACK chunk to the peer SCTP endpoint and change SCTP state.
3643e1dae9fSAnil udupa * This should be done after all data (unacked and unsend) has been
3653e1dae9fSAnil udupa * acknowledged.
3663e1dae9fSAnil udupa */
3673e1dae9fSAnil udupa void
sctp_send_shutdown_ack(sctp_t * sctp,sctp_faddr_t * fp,boolean_t crwsd)3683e1dae9fSAnil udupa sctp_send_shutdown_ack(sctp_t *sctp, sctp_faddr_t *fp, boolean_t crwsd)
3693e1dae9fSAnil udupa {
3703e1dae9fSAnil udupa mblk_t *samp;
3713e1dae9fSAnil udupa sctp_chunk_hdr_t *sach;
3723e1dae9fSAnil udupa sctp_stack_t *sctps = sctp->sctp_sctps;
3733e1dae9fSAnil udupa
3743e1dae9fSAnil udupa ASSERT(sctp->sctp_xmit_unacked == NULL);
3753e1dae9fSAnil udupa ASSERT(sctp->sctp_lastack_rxd == (sctp->sctp_ltsn - 1));
3763e1dae9fSAnil udupa ASSERT(fp != NULL);
3773e1dae9fSAnil udupa
3783e1dae9fSAnil udupa sctp->sctp_shutdown_faddr = fp;
3793e1dae9fSAnil udupa
3803e1dae9fSAnil udupa samp = sctp_make_mp(sctp, fp, sizeof (*sach));
3813e1dae9fSAnil udupa if (samp == NULL) {
3823e1dae9fSAnil udupa SCTP_KSTAT(sctps, sctp_send_shutdown_ack_failed);
3833e1dae9fSAnil udupa goto dotimer;
3843e1dae9fSAnil udupa }
3853e1dae9fSAnil udupa
3863e1dae9fSAnil udupa sach = (sctp_chunk_hdr_t *)samp->b_wptr;
3873e1dae9fSAnil udupa sach->sch_id = CHUNK_SHUTDOWN_ACK;
3883e1dae9fSAnil udupa sach->sch_flags = 0;
3893e1dae9fSAnil udupa sach->sch_len = htons(sizeof (*sach));
3903e1dae9fSAnil udupa
3913e1dae9fSAnil udupa samp->b_wptr += sizeof (*sach);
3923e1dae9fSAnil udupa /*
3933e1dae9fSAnil udupa * bundle a "cookie received while shutting down" error if
3943e1dae9fSAnil udupa * the caller asks for it.
3953e1dae9fSAnil udupa */
3963e1dae9fSAnil udupa if (crwsd) {
3973e1dae9fSAnil udupa mblk_t *errmp;
3983e1dae9fSAnil udupa
3993e1dae9fSAnil udupa errmp = sctp_make_err(sctp, SCTP_ERR_COOKIE_SHUT, NULL, 0);
4003e1dae9fSAnil udupa if (errmp != NULL) {
4013e1dae9fSAnil udupa linkb(samp, errmp);
4023e1dae9fSAnil udupa BUMP_LOCAL(sctp->sctp_obchunks);
4033e1dae9fSAnil udupa }
4043e1dae9fSAnil udupa }
4053e1dae9fSAnil udupa
4063e1dae9fSAnil udupa BUMP_LOCAL(sctp->sctp_obchunks);
4073e1dae9fSAnil udupa
408*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India sctp_set_iplen(sctp, samp, fp->sf_ixa);
409*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India (void) conn_ip_output(samp, fp->sf_ixa);
4103e1dae9fSAnil udupa BUMP_LOCAL(sctp->sctp_opkts);
4113e1dae9fSAnil udupa
4123e1dae9fSAnil udupa dotimer:
4133e1dae9fSAnil udupa sctp->sctp_state = SCTPS_SHUTDOWN_ACK_SENT;
414*6be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India SCTP_FADDR_TIMER_RESTART(sctp, fp, fp->sf_rto);
4153e1dae9fSAnil udupa }
416