/* Kernel module to match Hop-by-Hop and Destination parameters. */

/* (C) 2001-2002 Andras Kis-Szabo <kisza@sch.bme.hu>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ipv6.h>
#include <linux/types.h>
#include <net/checksum.h>
#include <net/ipv6.h>

#include <asm/byteorder.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter_ipv6/ip6_tables.h>
#include <linux/netfilter_ipv6/ip6t_opts.h>

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Xtables: IPv6 Hop-By-Hop and Destination Header match");
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
MODULE_ALIAS("ip6t_dst");

/*
 *  (Type & 0xC0) >> 6
 *      0       -> ignorable
 *      1       -> must drop the packet
 *      2       -> send ICMP PARM PROB regardless and drop packet
 *      3       -> Send ICMP if not a multicast address and drop packet
 *  (Type & 0x20) >> 5
 *      0       -> invariant
 *      1       -> can change the routing
 *  (Type & 0x1F) Type
 *      0       -> Pad1 (only 1 byte!)
 *      1       -> PadN LENGTH info (total length = length + 2)
 *      C0 | 2  -> JUMBO 4 x x x x ( xxxx > 64k )
 *      5       -> RTALERT 2 x x
 */

static struct xt_match hbh_mt6_reg[] __read_mostly;

static bool
hbh_mt6(const struct sk_buff *skb, struct xt_action_param *par)
{
        struct ipv6_opt_hdr _optsh;
        const struct ipv6_opt_hdr *oh;
        const struct ip6t_opts *optinfo = par->matchinfo;
        unsigned int temp;
        unsigned int ptr = 0;
        unsigned int hdrlen = 0;
        bool ret = false;
        u8 _opttype;
        u8 _optlen;
        const u_int8_t *tp = NULL;
        const u_int8_t *lp = NULL;
        unsigned int optlen;
        int err;

        err = ipv6_find_hdr(skb, &ptr,
                            (par->match == &hbh_mt6_reg[0]) ?
                            NEXTHDR_HOP : NEXTHDR_DEST, NULL, NULL);
        if (err < 0) {
                if (err != -ENOENT)
                        par->hotdrop = true;
                return false;
        }

        oh = skb_header_pointer(skb, ptr, sizeof(_optsh), &_optsh);
        if (oh == NULL) {
                par->hotdrop = true;
                return false;
        }

        hdrlen = ipv6_optlen(oh);
        if (skb->len - ptr < hdrlen) {
                /* Packet smaller than it's length field */
                return false;
        }

        pr_debug("IPv6 OPTS LEN %u %u ", hdrlen, oh->hdrlen);

        pr_debug("len %02X %04X %02X ",
                 optinfo->hdrlen, hdrlen,
                 (!(optinfo->flags & IP6T_OPTS_LEN) ||
                  ((optinfo->hdrlen == hdrlen) ^
                   !!(optinfo->invflags & IP6T_OPTS_INV_LEN))));

        ret = (oh != NULL) &&
              (!(optinfo->flags & IP6T_OPTS_LEN) ||
               ((optinfo->hdrlen == hdrlen) ^
                !!(optinfo->invflags & IP6T_OPTS_INV_LEN)));

        ptr += 2;
        hdrlen -= 2;
        if (!(optinfo->flags & IP6T_OPTS_OPTS)) {
                return ret;
        } else {
                pr_debug("Strict ");
                pr_debug("#%d ", optinfo->optsnr);
                for (temp = 0; temp < optinfo->optsnr; temp++) {
                        /* type field exists ? */
                        if (hdrlen < 1)
                                break;
                        tp = skb_header_pointer(skb, ptr, sizeof(_opttype),
                                                &_opttype);
                        if (tp == NULL)
                                break;

                        /* Type check */
                        if (*tp != (optinfo->opts[temp] & 0xFF00) >> 8) {
                                pr_debug("Tbad %02X %02X\n", *tp,
                                         (optinfo->opts[temp] & 0xFF00) >> 8);
                                return false;
                        } else {
                                pr_debug("Tok ");
                        }
                        /* Length check */
                        if (*tp) {
                                u16 spec_len;

                                /* length field exists ? */
                                if (hdrlen < 2)
                                        break;
                                lp = skb_header_pointer(skb, ptr + 1,
                                                        sizeof(_optlen),
                                                        &_optlen);
                                if (lp == NULL)
                                        break;
                                spec_len = optinfo->opts[temp] & 0x00FF;

                                if (spec_len != 0x00FF && spec_len != *lp) {
                                        pr_debug("Lbad %02X %04X\n", *lp,
                                                 spec_len);
                                        return false;
                                }
                                pr_debug("Lok ");
                                optlen = *lp + 2;
                        } else {
                                pr_debug("Pad1\n");
                                optlen = 1;
                        }

                        /* Step to the next */
                        pr_debug("len%04X\n", optlen);

                        if ((ptr > skb->len - optlen || hdrlen < optlen) &&
                            temp < optinfo->optsnr - 1) {
                                pr_debug("new pointer is too large!\n");
                                break;
                        }
                        ptr += optlen;
                        hdrlen -= optlen;
                }
                if (temp == optinfo->optsnr)
                        return ret;
                else
                        return false;
        }

        return false;
}

static int hbh_mt6_check(const struct xt_mtchk_param *par)
{
        const struct ip6t_opts *optsinfo = par->matchinfo;

        if (optsinfo->invflags & ~IP6T_OPTS_INV_MASK) {
                pr_debug("unknown flags %X\n", optsinfo->invflags);
                return -EINVAL;
        }

        if (optsinfo->flags & IP6T_OPTS_NSTRICT) {
                pr_debug("Not strict - not implemented");
                return -EINVAL;
        }

        return 0;
}

static struct xt_match hbh_mt6_reg[] __read_mostly = {
        {
                /* Note, hbh_mt6 relies on the order of hbh_mt6_reg */
                .name           = "hbh",
                .family         = NFPROTO_IPV6,
                .match          = hbh_mt6,
                .matchsize      = sizeof(struct ip6t_opts),
                .checkentry     = hbh_mt6_check,
                .me             = THIS_MODULE,
        },
        {
                .name           = "dst",
                .family         = NFPROTO_IPV6,
                .match          = hbh_mt6,
                .matchsize      = sizeof(struct ip6t_opts),
                .checkentry     = hbh_mt6_check,
                .me             = THIS_MODULE,
        },
};

static int __init hbh_mt6_init(void)
{
        return xt_register_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
}

static void __exit hbh_mt6_exit(void)
{
        xt_unregister_matches(hbh_mt6_reg, ARRAY_SIZE(hbh_mt6_reg));
}

module_init(hbh_mt6_init);
module_exit(hbh_mt6_exit);