--- sys/netinet6/scope6.c	(svn+ssh://svn.freebsd.org/base/head)	(revision 261548)
+++ sys/netinet6/scope6.c	(working copy)
@@ -38,7 +38,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/socket.h>
 #include <sys/systm.h>
 #include <sys/queue.h>
-#include <sys/sysctl.h>
 #include <sys/syslog.h>
 
 #include <net/if.h>
@@ -46,7 +45,7 @@ __FBSDID("$FreeBSD$");
 #include <net/vnet.h>
 
 #include <netinet/in.h>
-
+#include <netinet/in_pcb.h>
 #include <netinet/ip6.h>
 #include <netinet6/in6_var.h>
 #include <netinet6/ip6_var.h>
@@ -57,11 +56,6 @@ VNET_DEFINE(int, ip6_use_defzone) = 1;
 #else
 VNET_DEFINE(int, ip6_use_defzone) = 0;
 #endif
-VNET_DEFINE(int, deembed_scopeid) = 1;
-SYSCTL_DECL(_net_inet6_ip6);
-SYSCTL_VNET_INT(_net_inet6_ip6, OID_AUTO, deembed_scopeid, CTLFLAG_RW,
-    &VNET_NAME(deembed_scopeid), 0,
-    "Extract embedded zone ID and set it to sin6_scope_id in sockaddr_in6.");
 
 /*
  * The scope6_lock protects the global sid default stored in
@@ -208,62 +202,15 @@ scope6_get(struct ifnet *ifp, struct scope6_id *id
  * Get a scope of the address. Node-local, link-local, site-local or global.
  */
 int
-in6_addrscope(struct in6_addr *addr)
+in6_addrscope(const struct in6_addr *addr)
 {
-	int scope;
 
-	if (addr->s6_addr[0] == 0xfe) {
-		scope = addr->s6_addr[1] & 0xc0;
-
-		switch (scope) {
-		case 0x80:
-			return IPV6_ADDR_SCOPE_LINKLOCAL;
-			break;
-		case 0xc0:
-			return IPV6_ADDR_SCOPE_SITELOCAL;
-			break;
-		default:
-			return IPV6_ADDR_SCOPE_GLOBAL; /* just in case */
-			break;
-		}
-	}
-
-
-	if (addr->s6_addr[0] == 0xff) {
-		scope = addr->s6_addr[1] & 0x0f;
-
-		/*
-		 * due to other scope such as reserved,
-		 * return scope doesn't work.
-		 */
-		switch (scope) {
-		case IPV6_ADDR_SCOPE_INTFACELOCAL:
-			return IPV6_ADDR_SCOPE_INTFACELOCAL;
-			break;
-		case IPV6_ADDR_SCOPE_LINKLOCAL:
-			return IPV6_ADDR_SCOPE_LINKLOCAL;
-			break;
-		case IPV6_ADDR_SCOPE_SITELOCAL:
-			return IPV6_ADDR_SCOPE_SITELOCAL;
-			break;
-		default:
-			return IPV6_ADDR_SCOPE_GLOBAL;
-			break;
-		}
-	}
-
-	/*
-	 * Regard loopback and unspecified addresses as global, since
-	 * they have no ambiguity.
-	 */
-	if (bcmp(&in6addr_loopback, addr, sizeof(*addr) - 1) == 0) {
-		if (addr->s6_addr[15] == 1) /* loopback */
-			return IPV6_ADDR_SCOPE_LINKLOCAL;
-		if (addr->s6_addr[15] == 0) /* unspecified */
-			return IPV6_ADDR_SCOPE_GLOBAL; /* XXX: correct? */
-	}
-
-	return IPV6_ADDR_SCOPE_GLOBAL;
+	if (IN6_IS_ADDR_MULTICAST(addr))
+		return (IPV6_ADDR_MC_SCOPE(addr));
+	if (IN6_IS_ADDR_LINKLOCAL(addr) ||
+	    IN6_IS_ADDR_LOOPBACK(addr))
+		return (IPV6_ADDR_SCOPE_LINKLOCAL);
+	return (IPV6_ADDR_SCOPE_GLOBAL);
 }
 
 /*
@@ -478,3 +425,153 @@ in6_getscope(struct in6_addr *in6)
 
 	return (0);
 }
+
+/*
+ * Return pointer to ifnet structure, corresponding to the
+ * link-local scope zone id.
+ */
+struct ifnet*
+in6_getlinkifnet(uint32_t zoneid)
+{
+
+	return (ifnet_byindex((u_short)zoneid));
+}
+
+/*
+ * Return zone id for the specified scope.
+ * XXX: currently we don't take any locks.
+ */
+uint32_t
+in6_getscopezone(const struct ifnet *ifp, int scope)
+{
+
+	if (scope == IPV6_ADDR_SCOPE_INTFACELOCAL ||
+	    scope == IPV6_ADDR_SCOPE_LINKLOCAL)
+		return (ifp->if_index);
+	if (scope >= 0 && scope < IPV6_ADDR_SCOPES_COUNT)
+		return (SID(ifp)->s6id_list[scope]);
+	return (0);
+}
+
+/*
+ * This function is for checking sockaddr_in6 structure passed
+ * from the application level (usually).
+ *
+ * sin6_scope_id should be set for link-local unicast, link-local and
+ * interface-local  multicast addresses.
+ *
+ * If it is zero, then look into default zone ids. If default zone id is
+ * not set or disabled, then return error.
+ */
+int
+sa6_checkzone(struct sockaddr_in6 *sa6)
+{
+	int scope;
+
+	scope = in6_addrscope(&sa6->sin6_addr);
+	if (scope == IPV6_ADDR_SCOPE_GLOBAL)
+		return (sa6->sin6_scope_id ? EINVAL: 0);
+	if (IN6_IS_ADDR_MULTICAST(&sa6->sin6_addr) &&
+	    scope != IPV6_ADDR_SCOPE_LINKLOCAL &&
+	    scope != IPV6_ADDR_SCOPE_INTFACELOCAL) {
+		if (sa6->sin6_scope_id == 0 && V_ip6_use_defzone != 0)
+			sa6->sin6_scope_id = V_sid_default.s6id_list[scope];
+		return (0);
+	}
+	/*
+	 * Since ::1 address always configured on the lo0, we can
+	 * automatically set its zone id, when it is not specified.
+	 * Return error, when specified zone id doesn't match with
+	 * actual value.
+	 */
+	if (IN6_IS_ADDR_LOOPBACK(&sa6->sin6_addr)) {
+		if (sa6->sin6_scope_id == 0)
+			sa6->sin6_scope_id = in6_getscopezone(V_loif, scope);
+		else if (sa6->sin6_scope_id != in6_getscopezone(V_loif, scope))
+			return (EADDRNOTAVAIL);
+	}
+	/* XXX: we can validate sin6_scope_id here */
+	if (sa6->sin6_scope_id != 0)
+		return (0);
+	if (V_ip6_use_defzone != 0)
+		sa6->sin6_scope_id = V_sid_default.s6id_list[scope];
+	/* Return error if we can't determine zone id */
+	return (sa6->sin6_scope_id ? 0: EADDRNOTAVAIL);
+}
+
+/*
+ * This function is similar to sa6_checkzone, but it uses given ifp
+ * to initialize sin6_scope_id.
+ */
+int
+sa6_checkzone_ifp(struct ifnet *ifp, struct sockaddr_in6 *sa6)
+{
+	int scope;
+
+	scope = in6_addrscope(&sa6->sin6_addr);
+	if (scope == IPV6_ADDR_SCOPE_LINKLOCAL ||
+	    scope == IPV6_ADDR_SCOPE_INTFACELOCAL) {
+		if (sa6->sin6_scope_id == 0) {
+			sa6->sin6_scope_id = in6_getscopezone(ifp, scope);
+			return (0);
+		} else if (sa6->sin6_scope_id != in6_getscopezone(ifp, scope))
+			return (EADDRNOTAVAIL);
+	}
+	return (sa6_checkzone(sa6));
+}
+
+int
+sa6_checkzone_opts(struct ip6_pktopts *opts, struct ip6_moptions *mopts,
+    struct sockaddr_in6 *sa6)
+{
+	struct in6_pktinfo *pi;
+	int scope;
+
+	scope = in6_addrscope(&sa6->sin6_addr);
+	if (scope == IPV6_ADDR_SCOPE_LINKLOCAL ||
+	    scope == IPV6_ADDR_SCOPE_INTFACELOCAL) {
+		if (sa6->sin6_scope_id == 0) {
+			/*
+			 * We requre that sin6_scope_id must be initialized for
+			 * link-local and interface-local addresses. But user
+			 * didn't initialize it. Try to determine zone id from
+			 * socket options.
+			 * XXX: we will do this again in the in6_selectsrc().
+			 */
+			/*
+			 * RFC 3542 p6.7:
+			 * If an interface is specified in an IPV6_PKTINFO
+			 * ancillary data item, the interface is used.
+			 */
+			if (opts != NULL) {
+				pi = opts->ip6po_pktinfo;
+				if (pi != NULL && pi->ipi6_ifindex != 0) {
+					/* XXX: in6_getscopezone */
+					sa6->sin6_scope_id = pi->ipi6_ifindex;
+					return (0);
+				}
+			}
+			/*
+			 * If the destination address is a multicast
+			 * address and the IPV6_MULTICAST_IF socket option is
+			 * specified for the socket, the interface is used.
+			 */
+			if (mopts != NULL &&
+			    mopts->im6o_multicast_ifp != NULL) {
+				sa6->sin6_scope_id = in6_getscopezone(
+				    mopts->im6o_multicast_ifp, scope);
+				return (0);
+			}
+			/*
+			 * If an IPV6_NEXTHOP ancillary data item is
+			 * specified, the interface to the next hop is used.
+			 *
+			 * This option does not have any meaning for multicast
+			 * destinations. In such a case, the specified next hop
+			 * will be ignored.
+			 * XXX: handle IPV6_NEXTHOP
+			 */
+		}
+	}
+	return (sa6_checkzone(sa6));
+}