diff options
| author | suz <suz@FreeBSD.org> | 2002-04-19 04:46:24 +0000 |
|---|---|---|
| committer | suz <suz@FreeBSD.org> | 2002-04-19 04:46:24 +0000 |
| commit | 553226e8e16639b00d61d81e0125330dbfb7eed8 (patch) | |
| tree | 100274bd96d0c95cafbe1a4a5961b54fc403fd47 | |
| parent | ae841d33c320c4185ecaa0e982c744039b1ba10f (diff) | |
| download | FreeBSD-src-553226e8e16639b00d61d81e0125330dbfb7eed8.zip FreeBSD-src-553226e8e16639b00d61d81e0125330dbfb7eed8.tar.gz | |
just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.
(based on freebsd4-snap-20020128)
Reviewed by: ume
MFC after: 1 week
75 files changed, 644 insertions, 573 deletions
diff --git a/lib/libc/net/getaddrinfo.3 b/lib/libc/net/getaddrinfo.3 index 9c56af4..9ef8898 100644 --- a/lib/libc/net/getaddrinfo.3 +++ b/lib/libc/net/getaddrinfo.3 @@ -1,5 +1,5 @@ .\" $FreeBSD$ -.\" $KAME: getaddrinfo.3,v 1.22 2000/08/09 21:16:17 itojun Exp $ +.\" $KAME: getaddrinfo.3,v 1.31 2001/08/05 18:19:38 itojun Exp $ .\" .\" Copyright (c) 1983, 1987, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -573,6 +573,7 @@ indicate an unknown error. .Xr getnameinfo 3 , .Xr getservbyname 3 , .Xr hosts 5 , +.Xr resolv.conf 5 , .Xr services 5 , .Xr hostname 7 , .Xr named 8 diff --git a/lib/libc/net/ifname.c b/lib/libc/net/ifname.c index d383038..e6e5a77 100644 --- a/lib/libc/net/ifname.c +++ b/lib/libc/net/ifname.c @@ -1,3 +1,5 @@ +/* $KAME: ifname.c,v 1.4 2001/08/20 02:32:40 itojun Exp $ */ + /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. * All rights reserved. diff --git a/lib/libc/net/inet_addr.c b/lib/libc/net/inet_addr.c index b305524..eb97f84 100644 --- a/lib/libc/net/inet_addr.c +++ b/lib/libc/net/inet_addr.c @@ -1,3 +1,5 @@ +/* $KAME: inet_addr.c,v 1.5 2001/08/20 02:32:40 itojun Exp $ */ + /* * ++Copyright++ 1983, 1990, 1993 * - diff --git a/lib/libc/net/inet_pton.c b/lib/libc/net/inet_pton.c index d4cb90b..05bb1f4 100644 --- a/lib/libc/net/inet_pton.c +++ b/lib/libc/net/inet_pton.c @@ -1,3 +1,5 @@ +/* $KAME: inet_pton.c,v 1.5 2001/08/20 02:32:40 itojun Exp $ */ + /* Copyright (c) 1996 by Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any diff --git a/lib/libc/net/rthdr.c b/lib/libc/net/rthdr.c index da906b2..abfe34a 100644 --- a/lib/libc/net/rthdr.c +++ b/lib/libc/net/rthdr.c @@ -1,3 +1,5 @@ +/* $KAME: rthdr.c,v 1.8 2001/08/20 02:32:40 itojun Exp $ */ + /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. * All rights reserved. @@ -226,9 +228,9 @@ inet6_rthdr_segments(cmsg) } struct in6_addr * -inet6_rthdr_getaddr(cmsg, index) +inet6_rthdr_getaddr(cmsg, idx) struct cmsghdr *cmsg; - int index; + int idx; { struct ip6_rthdr *rthdr; @@ -248,13 +250,13 @@ inet6_rthdr_getaddr(cmsg, index) return NULL; } naddr = (rt0->ip6r0_len * 8) / sizeof(struct in6_addr); - if (index <= 0 || naddr < index) { + if (idx <= 0 || naddr < idx) { #ifdef DEBUG - fprintf(stderr, "inet6_rthdr_getaddr: invalid index(%d)\n", index); + fprintf(stderr, "inet6_rthdr_getaddr: invalid idx(%d)\n", idx); #endif return NULL; } - return &rt0->ip6r0_addr[index - 1]; + return &rt0->ip6r0_addr[idx - 1]; } default: @@ -267,9 +269,9 @@ inet6_rthdr_getaddr(cmsg, index) } int -inet6_rthdr_getflags(cmsg, index) +inet6_rthdr_getflags(cmsg, idx) const struct cmsghdr *cmsg; - int index; + int idx; { struct ip6_rthdr *rthdr; @@ -289,13 +291,13 @@ inet6_rthdr_getflags(cmsg, index) return -1; } naddr = (rt0->ip6r0_len * 8) / sizeof(struct in6_addr); - if (index < 0 || naddr < index) { + if (idx < 0 || naddr < idx) { #ifdef DEBUG - fprintf(stderr, "inet6_rthdr_getflags: invalid index(%d)\n", index); + fprintf(stderr, "inet6_rthdr_getflags: invalid idx(%d)\n", idx); #endif return -1; } - if (rt0->ip6r0_slmap[index / 8] & (0x80 >> (index % 8))) + if (rt0->ip6r0_slmap[idx / 8] & (0x80 >> (idx % 8))) return IPV6_RTHDR_STRICT; else return IPV6_RTHDR_LOOSE; diff --git a/lib/libc/net/vars.c b/lib/libc/net/vars.c index 72b47c8..42ee205 100644 --- a/lib/libc/net/vars.c +++ b/lib/libc/net/vars.c @@ -1,3 +1,5 @@ +/* $KAME: vars.c,v 1.2 2001/08/20 02:32:41 itojun Exp $ */ + /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. * All rights reserved. diff --git a/lib/libipsec/ipsec_set_policy.3 b/lib/libipsec/ipsec_set_policy.3 index cc7424e..c41a113 100644 --- a/lib/libipsec/ipsec_set_policy.3 +++ b/lib/libipsec/ipsec_set_policy.3 @@ -1,4 +1,4 @@ -.\" $KAME: ipsec_set_policy.3,v 1.14 2001/04/06 07:00:46 itojun Exp $ +.\" $KAME: ipsec_set_policy.3,v 1.15 2001/08/17 07:21:36 itojun Exp $ .\" $FreeBSD$ .\" .\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -62,6 +62,8 @@ of .Fa policy . .Fn ipsec_set_policy will return the buffer of IPsec policy specification structure. +The buffer is dynamically allocated, and must be freed by the caller by calling +.Xr free 3 . .Pp You may want the length of the generated buffer such when calling .Xr setsockopt 2 . diff --git a/lib/libipsec/ipsec_strerror.3 b/lib/libipsec/ipsec_strerror.3 index e4bde7d..77f228f 100644 --- a/lib/libipsec/ipsec_strerror.3 +++ b/lib/libipsec/ipsec_strerror.3 @@ -1,4 +1,4 @@ -.\" $KAME: ipsec_strerror.3,v 1.8 2000/11/20 00:35:14 sakane Exp $ +.\" $KAME: ipsec_strerror.3,v 1.9 2001/08/17 07:21:36 itojun Exp $ .\" $FreeBSD$ .\" .\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -80,3 +80,6 @@ first appeared in WIDE/KAME IPv6 protocol stack kit. .Sh BUGS .Fn ipsec_strerror will return its result which may be overwritten by subsequent calls. +.Pp +.Va ipsec_errcode +is not thread safe. diff --git a/sbin/ip6fw/ip6fw.8 b/sbin/ip6fw/ip6fw.8 index 4b411d3..7d2c6eb 100644 --- a/sbin/ip6fw/ip6fw.8 +++ b/sbin/ip6fw/ip6fw.8 @@ -1,6 +1,35 @@ .\" .\" $FreeBSD$ .\" +.\" $KAME$ +.\" +.\" Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the project nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" .Dd March 13, 2000 .Dt IP6FW 8 .Os @@ -494,7 +523,7 @@ from being forwarded by the host: This one disallows any connection from the entire hackers network to my host: .Pp -.Dl ip6fw addf deny all from fec0::123:45:67:0/112 to my.host.org +.Dl ip6fw add deny all from fec0::123:45:67:0/112 to my.host.org .Pp Here is a good usage of the list command to see accounting records and timestamp information: diff --git a/sbin/ip6fw/ip6fw.c b/sbin/ip6fw/ip6fw.c index 28d5d7a..9f14540 100644 --- a/sbin/ip6fw/ip6fw.c +++ b/sbin/ip6fw/ip6fw.c @@ -1,3 +1,34 @@ +/* $KAME: ip6fw.c,v 1.13 2001/06/22 05:51:16 itojun Exp $ */ + +/* + * Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + /* * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp * Copyright (c) 1994 Ugen J.S.Antsilevich diff --git a/sys/crypto/des/podd.h b/sys/crypto/des/podd.h index fb54c39..0528b9c 100644 --- a/sys/crypto/des/podd.h +++ b/sys/crypto/des/podd.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: podd.h,v 1.3 2000/03/27 04:36:34 sumikawa Exp $ */ +/* $KAME: podd.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */ /* crypto/des/podd.h */ /* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au) diff --git a/sys/crypto/des/sk.h b/sys/crypto/des/sk.h index 24bde96..d4aa375 100644 --- a/sys/crypto/des/sk.h +++ b/sys/crypto/des/sk.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: sk.h,v 1.3 2000/03/27 04:36:34 sumikawa Exp $ */ +/* $KAME: sk.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */ /* crypto/des/sk.h */ /* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au) diff --git a/sys/kern/uipc_mbuf2.c b/sys/kern/uipc_mbuf2.c index 9a6d5f2..407258d 100644 --- a/sys/kern/uipc_mbuf2.c +++ b/sys/kern/uipc_mbuf2.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: uipc_mbuf2.c,v 1.29 2001/02/14 13:42:10 itojun Exp $ */ +/* $KAME: uipc_mbuf2.c,v 1.31 2001/11/28 11:08:53 itojun Exp $ */ /* $NetBSD: uipc_mbuf.c,v 1.40 1999/04/01 00:23:25 thorpej Exp $ */ /* diff --git a/sys/net/if.c b/sys/net/if.c index 27279c3..8fc94e7 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1486,7 +1486,7 @@ ifioctl(so, cmd, data, td) if ((oif_flags ^ ifp->if_flags) & IFF_UP) { #ifdef INET6 - DELAY(100);/* XXX: temporal workaround for fxp issue*/ + DELAY(100);/* XXX: temporary workaround for fxp issue*/ if (ifp->if_flags & IFF_UP) { int s = splimp(); in6_if_up(ifp); diff --git a/sys/net/if_faith.c b/sys/net/if_faith.c index 2359157..a37d9d4 100644 --- a/sys/net/if_faith.c +++ b/sys/net/if_faith.c @@ -1,4 +1,4 @@ -/* $KAME: if_faith.c,v 1.21 2001/02/20 07:59:26 itojun Exp $ */ +/* $KAME: if_faith.c,v 1.23 2001/12/17 13:55:29 sumikawa Exp $ */ /* * Copyright (c) 1982, 1986, 1993 diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c index aa8b96a..6af98ce 100644 --- a/sys/net/if_gif.c +++ b/sys/net/if_gif.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: if_gif.c,v 1.47 2001/05/01 05:28:42 itojun Exp $ */ +/* $KAME: if_gif.c,v 1.87 2001/10/19 08:50:27 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -129,7 +129,7 @@ SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0, * Since, setting a large value to this macro with a careless configuration * may introduce system crash, we don't allow any nestings by default. * If you need to configure nested gif tunnels, you can define this macro - * in your kernel configuration file. However, if you do so, please be + * in your kernel configuration file. However, if you do so, please be * careful to configure the tunnels so that it won't make a loop. */ #define MAX_GIF_NEST 1 @@ -459,13 +459,12 @@ gif_input(m, af, gifp) * Put the packet to the network layer input queue according to the * specified address family. * Note: older versions of gif_input directly called network layer - * input functions, e.g. ip6_input, here. We changed the policy to + * input functions, e.g. ip6_input, here. We changed the policy to * prevent too many recursive calls of such input functions, which - * might cause kernel panic. But the change may introduce another + * might cause kernel panic. But the change may introduce another * problem; if the input queue is full, packets are discarded. - * We believed it rarely occurs and changed the policy. If we find - * it occurs more times than we thought, we may change the policy - * again. + * The kernel stack overflow really happened, and we believed + * queue-full rarely occurs, so we changed the policy. */ switch (af) { #ifdef INET diff --git a/sys/net/if_stf.c b/sys/net/if_stf.c index 0c45f43..99ff838 100644 --- a/sys/net/if_stf.c +++ b/sys/net/if_stf.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: if_stf.c,v 1.62 2001/06/07 22:32:16 itojun Exp $ */ +/* $KAME: if_stf.c,v 1.73 2001/12/03 11:08:30 keiichi Exp $ */ /* * Copyright (C) 2000 WIDE Project. diff --git a/sys/net/if_stf.h b/sys/net/if_stf.h index 998133c..07d3d57 100644 --- a/sys/net/if_stf.h +++ b/sys/net/if_stf.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: if_stf.h,v 1.3 2000/03/25 07:23:33 sumikawa Exp $ */ +/* $KAME: if_stf.h,v 1.5 2001/10/12 10:09:17 keiichi Exp $ */ /* * Copyright (C) 2000 WIDE Project. diff --git a/sys/net/net_osdep.c b/sys/net/net_osdep.c index 3ce162fb..a035bae 100644 --- a/sys/net/net_osdep.c +++ b/sys/net/net_osdep.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: net_osdep.c,v 1.10 2001/07/26 19:08:37 itojun Exp $ */ +/* $KAME: net_osdep.c,v 1.9 2001/04/06 09:22:05 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/sys/net/net_osdep.h b/sys/net/net_osdep.h index a5ff633..5669275 100644 --- a/sys/net/net_osdep.h +++ b/sys/net/net_osdep.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: net_osdep.h,v 1.44 2001/05/16 03:13:40 jinmei Exp $ */ +/* $KAME: net_osdep.h,v 1.68 2001/12/21 08:14:58 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -35,16 +35,28 @@ /* * OS dependencies: + * - ioctl + * FreeBSD 3 and later warn when sys/ioctl.h is included in a kernel source + * file. For socket ioctl, we are suggested to use sys/sockio.h. + * + * - RTFREE() + * bsdi does not escape this macro using do-clause, so it is recommended + * to escape the macro explicitly. + * e.g. + * if (rt) { + * RTFREE(rt); + * } * * - whether the IPv4 input routine convert the byte order of some fileds * of the IP header (x: convert to the host byte order, s: strip the header * length for possible reassembly) - * ip_len ip_id ip_off - * bsdi3: xs x x - * bsdi4: xs x - * FreeBSD: xs x - * NetBSD: x x - * OpenBSD: xs x x + * ip_len ip_id ip_off + * bsdi3: xs x x + * bsdi4: xs x + * freebsd[23]: xs x x + * freebsd4: xs x + * NetBSD: x x + * OpenBSD: xs x x * * - ifa_ifwithaf() * bsdi[34], netbsd, and openbsd define it in sys/net/if.c @@ -131,6 +143,14 @@ * OpenBSD 2.8 * timeout_{add,set,del} is encouraged (sys/timeout.h) * + * - kernel internal time structure + * FreeBSD 2, NetBSD, OpenBSD, BSD/OS + * mono_time.tv_u?sec, time.tv_u?sec + * FreeBSD [34] + * time_second + * if you need portability, #ifdef out FreeBSD[34], or use microtime(&tv) + * then touch tv.tv_sec (note: microtime is an expensive operation). + * * - sysctl * NetBSD, OpenBSD * foo_sysctl() @@ -167,12 +187,16 @@ * * - ovbcopy() * in NetBSD 1.4 or later, ovbcopy() is not supplied in the kernel. - * bcopy() is safe against overwrites. + * we have updated sys/systm.h to include declaration. * * - splnet() * NetBSD 1.4 or later requires splsoftnet(). * other operating systems use splnet(). * + * - splimp() + * NetBSD-current (2001/4/13): use splnet() in network, splvm() in vm. + * other operating systems: use splimp(). + * * - dtom() * NEVER USE IT! * @@ -231,7 +255,40 @@ * others: do not increase refcnt for ifp->if_addrlist and in_ifaddr. * use IFAFREE once when ifaddr is disconnected from * ifp->if_addrlist and in_ifaddr. IFAFREE frees ifaddr when - * ifa_refcnt goes negative. + * ifa_refcnt goes negative. in KAME environment, IFAREF is + * provided as a compatibility wrapper (use it instead of + * ifa_refcnt++ to reduce #ifdef). + * + * - ifnet.if_lastchange + * freebsd, bsdi, netbsd-current (jun 14 2001-), + * openbsd-current (jun 15 2001-): updated only when IFF_UP changes. + * (RFC1573 ifLastChange interpretation) + * netbsd151, openbsd29: updated whenever packets go through the interface. + * (4.4BSD interpretation) + * + * - kernel compilation options ("options HOGE" in kernel config file) + * freebsd4: sys/conf/options has to have mapping between option + * and a header file (opt_hoge.h). + * netbsd: by default, -DHOGE will go into + * sys/arch/foo/compile/BAR/Makefile. + * if you define mapping in sys/conf/files, you can create + * a header file like opt_hoge.h to help make dependencies. + * bsdi/openbsd: always use -DHOGE in Makefile. there's no need/way + * to have opt_hoge.h. + * + * therefore, opt_hoge.h is mandatory on freebsd4 only. + * + * - MALLOC() macro + * Use it only if the size of the allocation is constant. + * When we do NOT collect statistics about kernel memory usage, the result + * of macro expansion contains a large set of condition branches. If the + * size is not constant, compilation optimization cannot be applied, and + * a bunch of the large branch will be embedded in the kernel code. + * + * - M_COPY_PKTHDR + * openbsd30: M_COPY_PKTHDR is deprecated. use M_MOVE_PKTHDR or + * M_DUP_PKTHDR, depending on how you want to handle m_tag. + * others: M_COPY_PKTHDR is available as usual. */ #ifndef __NET_NET_OSDEP_H_DEFINED_ diff --git a/sys/net/radix.c b/sys/net/radix.c index adbb2c2..6d4412e 100644 --- a/sys/net/radix.c +++ b/sys/net/radix.c @@ -673,7 +673,7 @@ on2: mmask = m->rm_leaf->rn_mask; if (tt->rn_flags & RNF_NORMAL) { log(LOG_ERR, - "Non-unique normal route, mask not entered"); + "Non-unique normal route, mask not entered\n"); return tt; } } else diff --git a/sys/netinet/icmp6.h b/sys/netinet/icmp6.h index 7edf8e9..abef35c 100644 --- a/sys/netinet/icmp6.h +++ b/sys/netinet/icmp6.h @@ -312,7 +312,7 @@ struct nd_opt_route_info { /* route info */ u_int8_t nd_opt_rti_prefixlen; u_int8_t nd_opt_rti_flags; u_int32_t nd_opt_rti_lifetime; - /* followed by prefix */ + /* prefix follows */ } __attribute__((__packed__)); /* @@ -541,7 +541,11 @@ struct icmp6stat { u_quad_t icp6s_tooshort; /* packet < sizeof(struct icmp6_hdr) */ u_quad_t icp6s_checksum; /* bad checksum */ u_quad_t icp6s_badlen; /* calculated bound mismatch */ - u_quad_t icp6s_reflect; /* number of responses */ + /* + * number of responses: this member is inherited from netinet code, but + * for netinet6 code, it is already available in icp6s_outhist[]. + */ + u_quad_t icp6s_reflect; u_quad_t icp6s_inhist[256]; u_quad_t icp6s_nd_toomanyopt; /* too many ND options */ struct icmp6errstat icp6s_outerrhist; diff --git a/sys/netinet/in_gif.c b/sys/netinet/in_gif.c index 4531a83..b7a1cec 100644 --- a/sys/netinet/in_gif.c +++ b/sys/netinet/in_gif.c @@ -111,7 +111,7 @@ in_gif_output(ifp, family, m, rt) tos = ip->ip_tos; break; } -#endif /*INET*/ +#endif /* INET */ #ifdef INET6 case AF_INET6: { @@ -126,7 +126,7 @@ in_gif_output(ifp, family, m, rt) tos = (ntohl(ip6->ip6_flow) >> 20) & 0xff; break; } -#endif /*INET6*/ +#endif /* INET6 */ default: #ifdef DEBUG printf("in_gif_output: warning: unknown family %d passed\n", @@ -189,7 +189,7 @@ in_gif_output(ifp, family, m, rt) /* if it constitutes infinite encapsulation, punt. */ if (sc->gif_ro.ro_rt->rt_ifp == ifp) { m_freem(m); - return ENETUNREACH; /*XXX*/ + return ENETUNREACH; /* XXX */ } #if 0 ifp->if_mtu = sc->gif_ro.ro_rt->rt_ifp->if_mtu diff --git a/sys/netinet/ip_encap.c b/sys/netinet/ip_encap.c index cdeb7ab..e12f50a 100644 --- a/sys/netinet/ip_encap.c +++ b/sys/netinet/ip_encap.c @@ -40,7 +40,8 @@ * RFC2473 IPv6 generic packet tunnelling * RFC2529 6over4 tunnel * mobile-ip6 (uses RFC2473) - * 6to4 tunnel + * RFC3056 6to4 tunnel + * isatap tunnel * Here's a list of protocol that want protocol #4: * RFC1853 IPv4-in-IPv4 tunnelling * RFC2003 IPv4 encapsulation within IPv4 diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 5c60a14..c7533e6 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -497,6 +497,8 @@ tcp_input(m, off0) * Because ip6_savecontrol() is going to parse the mbuf to * search for data to be passed up to user-land, it wants mbuf * parameters to be unchanged. + * XXX: the call of ip6_savecontrol() has been obsoleted based on + * latest version of the advanced API (20020110). */ drop_hdrlen = off0 + off; diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c index 5c60a14..c7533e6 100644 --- a/sys/netinet/tcp_reass.c +++ b/sys/netinet/tcp_reass.c @@ -497,6 +497,8 @@ tcp_input(m, off0) * Because ip6_savecontrol() is going to parse the mbuf to * search for data to be passed up to user-land, it wants mbuf * parameters to be unchanged. + * XXX: the call of ip6_savecontrol() has been obsoleted based on + * latest version of the advanced API (20020110). */ drop_hdrlen = off0 + off; diff --git a/sys/netinet6/ah.h b/sys/netinet6/ah.h index e804653..1934569 100644 --- a/sys/netinet6/ah.h +++ b/sys/netinet6/ah.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ah.h,v 1.13 2000/10/18 21:28:00 itojun Exp $ */ +/* $KAME: ah.h,v 1.16 2001/09/04 08:43:19 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -63,7 +63,7 @@ struct secasvar; struct ah_algorithm_state { struct secasvar *sav; - void* foo; /*per algorithm data - maybe*/ + void* foo; /* per algorithm data - maybe */ }; struct ah_algorithm { @@ -89,6 +89,6 @@ extern void ah4_input __P((struct mbuf *, int)); extern int ah4_output __P((struct mbuf *, struct ipsecrequest *)); extern int ah4_calccksum __P((struct mbuf *, caddr_t, size_t, const struct ah_algorithm *, struct secasvar *)); -#endif /*_KERNEL*/ +#endif /* _KERNEL */ -#endif /*_NETINET6_AH_H_*/ +#endif /* _NETINET6_AH_H_ */ diff --git a/sys/netinet6/ah_core.c b/sys/netinet6/ah_core.c index 5c7afaf..cbb6206 100644 --- a/sys/netinet6/ah_core.c +++ b/sys/netinet6/ah_core.c @@ -1157,7 +1157,7 @@ ah_update_mbuf(m, off, len, algo, algos) if (!n) panic("ah_update_mbuf: wrong offset specified"); - for (/*nothing*/; n && len > 0; n = n->m_next) { + for (/* nothing */; n && len > 0; n = n->m_next) { if (n->m_len == 0) continue; if (n->m_len - off < len) @@ -1201,7 +1201,7 @@ ah4_calccksum(m, ahdat, len, algo, sav) return EINVAL; ahseen = 0; - hdrtype = -1; /*dummy, it is called IPPROTO_IP*/ + hdrtype = -1; /* dummy, it is called IPPROTO_IP */ off = 0; @@ -1209,12 +1209,12 @@ ah4_calccksum(m, ahdat, len, algo, sav) if (error) return error; - advancewidth = 0; /*safety*/ + advancewidth = 0; /* safety */ again: /* gory. */ switch (hdrtype) { - case -1: /*first one only*/ + case -1: /* first one only */ { /* * copy ip hdr, modify to fit the AH checksum rule, diff --git a/sys/netinet6/ah_input.c b/sys/netinet6/ah_input.c index 2b76d23..0afdfed 100644 --- a/sys/netinet6/ah_input.c +++ b/sys/netinet6/ah_input.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ah_input.c,v 1.59 2001/05/16 04:01:27 jinmei Exp $ */ +/* $KAME: ah_input.c,v 1.67 2002/01/07 11:39:56 kjc Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -256,7 +256,7 @@ ah4_input(m, off) */ if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay) { if (ipsec_chkreplay(ntohl(((struct newah *)ah)->ah_seq), sav)) - ; /*okey*/ + ; /* okey */ else { ipsecstat.in_ahreplay++; ipseclog((LOG_WARNING, @@ -356,8 +356,8 @@ ah4_input(m, off) m->m_flags &= ~M_AUTHIPHDR; m->m_flags &= ~M_AUTHIPDGM; } -#endif /*INET6*/ -#endif /*0*/ +#endif /* INET6 */ +#endif /* 0 */ if (m->m_flags & M_AUTHIPHDR && m->m_flags & M_AUTHIPDGM) { @@ -423,14 +423,6 @@ ah4_input(m, off) goto fail; } -#if 0 /* XXX should we call ipfw rather than ipsec_in_reject? */ - /* drop it if it does not match the default policy */ - if (ipsec4_in_reject(m, NULL)) { - ipsecstat.in_polvio++; - goto fail; - } -#endif - #if 1 /* * Should the inner packet be considered authentic? @@ -468,7 +460,7 @@ ah4_input(m, off) goto fail; } m = NULL; - schednetisr(NETISR_IP); /*can be skipped but to make sure*/ + schednetisr(NETISR_IP); /* can be skipped but to make sure */ nxt = IPPROTO_DONE; } else { /* @@ -601,7 +593,7 @@ ah6_input(mp, offp, proto) ip6 = mtod(m, struct ip6_hdr *); nxt = ah->ah_nxt; - /* find the sassoc. */ + /* find the sassoc. */ spi = ah->ah_spi; if (ntohs(ip6->ip6_plen) == 0) { @@ -690,7 +682,7 @@ ah6_input(mp, offp, proto) */ if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay) { if (ipsec_chkreplay(ntohl(((struct newah *)ah)->ah_seq), sav)) - ; /*okey*/ + ; /* okey */ else { ipsec6stat.in_ahreplay++; ipseclog((LOG_WARNING, @@ -816,7 +808,7 @@ ah6_input(mp, offp, proto) * XXX more sanity checks * XXX relationship with gif? */ - u_int32_t flowinfo; /*net endian*/ + u_int32_t flowinfo; /* net endian */ flowinfo = ip6->ip6_flow; m_adj(m, off + stripsiz); @@ -844,14 +836,6 @@ ah6_input(mp, offp, proto) goto fail; } -#if 0 /* XXX should we call ipfw rather than ipsec_in_reject? */ - /* drop it if it does not match the default policy */ - if (ipsec6_in_reject(m, NULL)) { - ipsec6stat.in_polvio++; - goto fail; - } -#endif - #if 1 /* * should the inner packet be considered authentic? @@ -874,7 +858,7 @@ ah6_input(mp, offp, proto) goto fail; } m = NULL; - schednetisr(NETISR_IPV6); /*can be skipped but to make sure*/ + schednetisr(NETISR_IPV6); /* can be skipped but to make sure */ nxt = IPPROTO_DONE; } else { /* diff --git a/sys/netinet6/ah_output.c b/sys/netinet6/ah_output.c index 983ecab..e850752 100644 --- a/sys/netinet6/ah_output.c +++ b/sys/netinet6/ah_output.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ah_output.c,v 1.30 2001/02/21 00:50:53 itojun Exp $ */ +/* $KAME: ah_output.c,v 1.31 2001/07/26 06:53:15 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -151,9 +151,9 @@ ah4_output(m, isr) u_int32_t spi; u_char *ahdrpos; u_char *ahsumpos = NULL; - size_t hlen = 0; /*IP header+option in bytes*/ - size_t plen = 0; /*AH payload size in bytes*/ - size_t ahlen = 0; /*plen + sizeof(ah)*/ + size_t hlen = 0; /* IP header+option in bytes */ + size_t plen = 0; /* AH payload size in bytes */ + size_t ahlen = 0; /* plen + sizeof(ah) */ struct ip *ip; struct in_addr dst; struct in_addr *finaldst; @@ -189,11 +189,11 @@ ah4_output(m, isr) */ if (sav->flags & SADB_X_EXT_OLD) { /* RFC 1826 */ - plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/ + plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */ ahlen = plen + sizeof(struct ah); } else { /* RFC 2402 */ - plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/ + plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */ ahlen = plen + sizeof(struct newah); } @@ -230,7 +230,7 @@ ah4_output(m, isr) ahdrpos = mtod(m->m_next, u_char *); } - ip = mtod(m, struct ip *); /*just to be sure*/ + ip = mtod(m, struct ip *); /* just to be sure */ /* * initialize AH. @@ -315,7 +315,7 @@ ah4_output(m, isr) } if (finaldst) { - ip = mtod(m, struct ip *); /*just to make sure*/ + ip = mtod(m, struct ip *); /* just to make sure */ ip->ip_dst.s_addr = dst.s_addr; } ipsecstat.out_success++; @@ -339,11 +339,11 @@ ah_hdrlen(sav) return 0; if (sav->flags & SADB_X_EXT_OLD) { /* RFC 1826 */ - plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/ + plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */ ahlen = plen + sizeof(struct ah); } else { /* RFC 2402 */ - plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /*XXX pad to 8byte?*/ + plen = ((*algo->sumsiz)(sav) + 3) & ~(4 - 1); /* XXX pad to 8byte? */ ahlen = plen + sizeof(struct newah); } @@ -367,7 +367,7 @@ ah6_output(m, nexthdrp, md, isr) const struct ah_algorithm *algo; u_int32_t spi; u_char *ahsumpos = NULL; - size_t plen; /*AH payload size in bytes*/ + size_t plen; /* AH payload size in bytes */ int error = 0; int ahlen; struct ip6_hdr *ip6; diff --git a/sys/netinet6/dest6.c b/sys/netinet6/dest6.c index 8ecde86..ced896f 100644 --- a/sys/netinet6/dest6.c +++ b/sys/netinet6/dest6.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: dest6.c,v 1.27 2001/03/29 05:34:30 itojun Exp $ */ +/* $KAME: dest6.c,v 1.34 2002/01/08 02:40:55 k-sugyou Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/sys/netinet6/esp.h b/sys/netinet6/esp.h index 320e994..28fe456 100644 --- a/sys/netinet6/esp.h +++ b/sys/netinet6/esp.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: esp.h,v 1.16 2000/10/18 21:28:00 itojun Exp $ */ +/* $KAME: esp.h,v 1.19 2001/09/04 08:43:19 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -43,30 +43,30 @@ struct esp { u_int32_t esp_spi; /* ESP */ - /*variable size, 32bit bound*/ /* Initialization Vector */ - /*variable size*/ /* Payload data */ - /*variable size*/ /* padding */ - /*8bit*/ /* pad size */ - /*8bit*/ /* next header */ - /*8bit*/ /* next header */ - /*variable size, 32bit bound*/ /* Authentication data (new IPsec) */ + /* variable size, 32bit bound */ /* Initialization Vector */ + /* variable size */ /* Payload data */ + /* variable size */ /* padding */ + /* 8bit */ /* pad size */ + /* 8bit */ /* next header */ + /* 8bit */ /* next header */ + /* variable size, 32bit bound */ /* Authentication data (new IPsec) */ }; struct newesp { u_int32_t esp_spi; /* ESP */ u_int32_t esp_seq; /* Sequence number */ - /*variable size*/ /* (IV and) Payload data */ - /*variable size*/ /* padding */ - /*8bit*/ /* pad size */ - /*8bit*/ /* next header */ - /*8bit*/ /* next header */ - /*variable size, 32bit bound*/ /* Authentication data */ + /* variable size */ /* (IV and) Payload data */ + /* variable size */ /* padding */ + /* 8bit */ /* pad size */ + /* 8bit */ /* next header */ + /* 8bit */ /* next header */ + /* variable size, 32bit bound *//* Authentication data */ }; struct esptail { u_int8_t esp_padlen; /* pad length */ u_int8_t esp_nxt; /* Next header */ - /*variable size, 32bit bound*/ /* Authentication data (new IPsec)*/ + /* variable size, 32bit bound *//* Authentication data (new IPsec)*/ }; #ifdef _KERNEL @@ -104,6 +104,6 @@ extern size_t esp_hdrsiz __P((struct ipsecrequest *)); extern int esp_schedule __P((const struct esp_algorithm *, struct secasvar *)); extern int esp_auth __P((struct mbuf *, size_t, size_t, struct secasvar *, u_char *)); -#endif /*_KERNEL*/ +#endif /* _KERNEL */ -#endif /*_NETINET6_ESP_H_*/ +#endif /* _NETINET6_ESP_H_ */ diff --git a/sys/netinet6/esp_input.c b/sys/netinet6/esp_input.c index 6a66450..4351ac5 100644 --- a/sys/netinet6/esp_input.c +++ b/sys/netinet6/esp_input.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: esp_input.c,v 1.55 2001/03/23 08:08:47 itojun Exp $ */ +/* $KAME: esp_input.c,v 1.62 2002/01/07 11:39:57 kjc Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -197,7 +197,7 @@ esp4_input(m, off) * check for sequence number. */ if (ipsec_chkreplay(ntohl(((struct newesp *)esp)->esp_seq), sav)) - ; /*okey*/ + ; /* okey */ else { ipsecstat.in_espreplay++; ipseclog((LOG_WARNING, @@ -328,7 +328,7 @@ noreplaycheck: taillen = esptail.esp_padlen + sizeof(esptail); if (m->m_pkthdr.len < taillen - || m->m_pkthdr.len - taillen < hlen) { /*?*/ + || m->m_pkthdr.len - taillen < hlen) { /* ? */ ipseclog((LOG_WARNING, "bad pad length in IPv4 ESP input: %s %s\n", ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav))); @@ -377,14 +377,6 @@ noreplaycheck: goto bad; } -#if 0 /* XXX should call ipfw rather than ipsec_in_reject, shouldn't it ? */ - /* drop it if it does not match the default policy */ - if (ipsec4_in_reject(m, NULL)) { - ipsecstat.in_polvio++; - goto bad; - } -#endif - key_sa_recordxfer(sav, m); if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0 || ipsec_addhist(m, IPPROTO_IPV4, 0) != 0) { @@ -398,7 +390,7 @@ noreplaycheck: goto bad; } m = NULL; - schednetisr(NETISR_IP); /*can be skipped but to make sure*/ + schednetisr(NETISR_IP); /* can be skipped but to make sure */ nxt = IPPROTO_DONE; } else { /* @@ -560,7 +552,7 @@ esp6_input(mp, offp, proto) * check for sequence number. */ if (ipsec_chkreplay(ntohl(((struct newesp *)esp)->esp_seq), sav)) - ; /*okey*/ + ; /* okey */ else { ipsec6stat.in_espreplay++; ipseclog((LOG_WARNING, @@ -645,7 +637,7 @@ noreplaycheck: } #ifndef PULLDOWN_TEST - IP6_EXTHDR_CHECK(m, off, esplen + ivlen, IPPROTO_DONE); /*XXX*/ + IP6_EXTHDR_CHECK(m, off, esplen + ivlen, IPPROTO_DONE); /* XXX */ #else IP6_EXTHDR_GET(esp, struct esp *, m, off, esplen + ivlen); if (esp == NULL) { @@ -654,7 +646,7 @@ noreplaycheck: goto bad; } #endif - ip6 = mtod(m, struct ip6_hdr *); /*set it again just in case*/ + ip6 = mtod(m, struct ip6_hdr *); /* set it again just in case */ /* * pre-compute and cache intermediate key @@ -690,7 +682,7 @@ noreplaycheck: taillen = esptail.esp_padlen + sizeof(esptail); if (m->m_pkthdr.len < taillen - || m->m_pkthdr.len - taillen < sizeof(struct ip6_hdr)) { /*?*/ + || m->m_pkthdr.len - taillen < sizeof(struct ip6_hdr)) { /* ? */ ipseclog((LOG_WARNING, "bad pad length in IPv6 ESP input: %s %s\n", ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav))); @@ -712,7 +704,7 @@ noreplaycheck: * XXX more sanity checks * XXX relationship with gif? */ - u_int32_t flowinfo; /*net endian*/ + u_int32_t flowinfo; /* net endian */ flowinfo = ip6->ip6_flow; m_adj(m, off + esplen + ivlen); if (m->m_len < sizeof(*ip6)) { @@ -743,14 +735,6 @@ noreplaycheck: goto bad; } -#if 0 /* XXX should call ipfw rather than ipsec_in_reject, shouldn't it ? */ - /* drop it if it does not match the default policy */ - if (ipsec6_in_reject(m, NULL)) { - ipsec6stat.in_polvio++; - goto bad; - } -#endif - key_sa_recordxfer(sav, m); if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0 || ipsec_addhist(m, IPPROTO_IPV6, 0) != 0) { @@ -764,7 +748,7 @@ noreplaycheck: goto bad; } m = NULL; - schednetisr(NETISR_IPV6); /*can be skipped but to make sure*/ + schednetisr(NETISR_IPV6); /* can be skipped but to make sure */ nxt = IPPROTO_DONE; } else { /* diff --git a/sys/netinet6/esp_output.c b/sys/netinet6/esp_output.c index 7770b78..3e89c5d 100644 --- a/sys/netinet6/esp_output.c +++ b/sys/netinet6/esp_output.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: esp_output.c,v 1.43 2001/03/01 07:10:45 itojun Exp $ */ +/* $KAME: esp_output.c,v 1.44 2001/07/26 06:53:15 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -189,7 +189,7 @@ esp_output(m, nexthdrp, md, isr, af) const struct esp_algorithm *algo; u_int32_t spi; u_int8_t nxt = 0; - size_t plen; /*payload length to be encrypted*/ + size_t plen; /* payload length to be encrypted */ size_t espoff; int ivlen; int afnumber; @@ -232,7 +232,7 @@ esp_output(m, nexthdrp, md, isr, af) ipsecstat.out_inval++; break; } -#endif /*INET*/ +#endif /* INET */ #ifdef INET6 case AF_INET6: ipseclog((LOG_DEBUG, "esp6_output: internal error: " @@ -240,7 +240,7 @@ esp_output(m, nexthdrp, md, isr, af) (u_int32_t)ntohl(sav->spi))); ipsec6stat.out_inval++; break; -#endif /*INET6*/ +#endif /* INET6 */ default: panic("esp_output: should not reach here"); } @@ -275,9 +275,9 @@ esp_output(m, nexthdrp, md, isr, af) #ifdef INET6 struct ip6_hdr *ip6 = NULL; #endif - size_t esplen; /*sizeof(struct esp/newesp)*/ - size_t esphlen; /*sizeof(struct esp/newesp) + ivlen*/ - size_t hlen = 0; /*ip header len*/ + size_t esplen; /* sizeof(struct esp/newesp) */ + size_t esphlen; /* sizeof(struct esp/newesp) + ivlen */ + size_t hlen = 0; /* ip header len */ if (sav->flags & SADB_X_EXT_OLD) { /* RFC 1827 */ @@ -617,7 +617,7 @@ esp_output(m, nexthdrp, md, isr, af) while (n->m_next) n = n->m_next; - if (!(n->m_flags & M_EXT) && siz < M_TRAILINGSPACE(n)) { /*XXX*/ + if (!(n->m_flags & M_EXT) && siz < M_TRAILINGSPACE(n)) { /* XXX */ n->m_len += siz; m->m_pkthdr.len += siz; p = mtod(n, u_char *) + n->m_len - siz; @@ -700,7 +700,7 @@ esp4_output(m, isr) /* XXX assumes that m->m_next points to payload */ return esp_output(m, &ip->ip_p, m->m_next, isr, AF_INET); } -#endif /*INET*/ +#endif /* INET */ #ifdef INET6 int @@ -717,4 +717,4 @@ esp6_output(m, nexthdrp, md, isr) } return esp_output(m, nexthdrp, md, isr, AF_INET6); } -#endif /*INET6*/ +#endif /* INET6 */ diff --git a/sys/netinet6/frag6.c b/sys/netinet6/frag6.c index dbf9279..515a9fb 100644 --- a/sys/netinet6/frag6.c +++ b/sys/netinet6/frag6.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: frag6.c,v 1.31 2001/05/17 13:45:34 jinmei Exp $ */ +/* $KAME: frag6.c,v 1.33 2002/01/07 11:34:48 kjc Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c index d303b83..61b3fec 100644 --- a/sys/netinet6/icmp6.c +++ b/sys/netinet6/icmp6.c @@ -368,7 +368,7 @@ icmp6_error(m, type, code, param) m->m_pkthdr.rcvif = NULL; icmp6stat.icp6s_outhist[type]++; - icmp6_reflect(m, sizeof(struct ip6_hdr)); /*header order: IPv6 - ICMPv6*/ + icmp6_reflect(m, sizeof(struct ip6_hdr)); /* header order: IPv6 - ICMPv6 */ return; @@ -396,7 +396,7 @@ icmp6_input(mp, offp, proto) #ifndef PULLDOWN_TEST IP6_EXTHDR_CHECK(m, off, sizeof(struct icmp6_hdr), IPPROTO_DONE); - /* m might change if M_LOOP. So, call mtod after this */ + /* m might change if M_LOOP. So, call mtod after this */ #endif /* @@ -629,7 +629,7 @@ icmp6_input(mp, offp, proto) case MLD6_MTRACE_RESP: case MLD6_MTRACE: - /* XXX: these two are experimental. not officially defind. */ + /* XXX: these two are experimental. not officially defind. */ /* XXX: per-interface statistics? */ break; /* just pass it to applications */ @@ -698,9 +698,9 @@ icmp6_input(mp, offp, proto) bcopy(icmp6, nicmp6, sizeof(struct icmp6_hdr)); p = (u_char *)(nicmp6 + 1); bzero(p, 4); - bcopy(hostname, p + 4, maxhlen); /*meaningless TTL*/ + bcopy(hostname, p + 4, maxhlen); /* meaningless TTL */ noff = sizeof(struct ip6_hdr); - M_COPY_PKTHDR(n, m); /* just for recvif */ + M_COPY_PKTHDR(n, m); /* just for rcvif */ n->m_pkthdr.len = n->m_len = sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + 4 + maxhlen; nicmp6->icmp6_type = ICMP6_WRUREPLY; @@ -891,7 +891,7 @@ icmp6_notify_error(m, off, icmp6len, code) struct ip6_rthdr0 *rth0; int rthlen; - while (1) { /* XXX: should avoid inf. loop explicitly? */ + while (1) { /* XXX: should avoid infinite loop explicitly? */ struct ip6_ext *eh; switch (nxt) { @@ -1005,7 +1005,7 @@ icmp6_notify_error(m, off, icmp6len, code) default: /* * This case includes ESP and the No Next - * Header. In such cases going to the notify + * Header. In such cases going to the notify * label does not have any meaning * (i.e. ctlfunc will be NULL), but we go * anyway since we might have to update @@ -1137,8 +1137,9 @@ icmp6_mtudisc_update(ip6cp, validated) rt->rt_rmx.rmx_mtu = mtu; } } - if (rt) + if (rt) { /* XXX: need braces to avoid conflict with else in RTFREE. */ RTFREE(rt); + } } /* @@ -1554,7 +1555,7 @@ ni6_nametodns(name, namelen, old) } panic("should not reach here"); - /*NOTREACHED*/ + /* NOTREACHED */ fail: if (m) @@ -1705,7 +1706,7 @@ ni6_addrs(ni6, m, ifpp, subj) /* * check if anycast is okay. - * XXX: just experimental. not in the spec. + * XXX: just experimental. not in the spec. */ if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0 && (niflags & NI_NODEADDR_FLAG_ANYCAST) == 0) @@ -2106,7 +2107,7 @@ icmp6_reflect(m, off) if (ia == NULL && IN6_IS_ADDR_LINKLOCAL(&t) && (m->m_flags & M_LOOP)) { /* * This is the case if the dst is our link-local address - * and the sender is also ourseleves. + * and the sender is also ourselves. */ src = &t; } @@ -2117,7 +2118,7 @@ icmp6_reflect(m, off) /* * This case matches to multicasts, our anycast, or unicasts - * that we do not own. Select a source address based on the + * that we do not own. Select a source address based on the * source address of the erroneous packet. */ bzero(&ro, sizeof(ro)); @@ -2352,7 +2353,7 @@ icmp6_redirect_input(m, off) nd6_cache_lladdr(ifp, &redtgt6, lladdr, lladdrlen, ND_REDIRECT, is_onlink ? ND_REDIRECT_ONLINK : ND_REDIRECT_ROUTER); - if (!is_onlink) { /* better router case. perform rtredirect. */ + if (!is_onlink) { /* better router case. perform rtredirect. */ /* perform rtredirect */ struct sockaddr_in6 sdst; struct sockaddr_in6 sgw; @@ -2540,7 +2541,7 @@ icmp6_redirect_output(m0, rt) if (!rt_router) goto nolladdropt; len = sizeof(*nd_opt) + ifp->if_addrlen; - len = (len + 7) & ~7; /*round by 8*/ + len = (len + 7) & ~7; /* round by 8 */ /* safety check */ if (len + (p - (u_char *)ip6) > maxlen) goto nolladdropt; @@ -2798,11 +2799,11 @@ ppsratecheck(lasttime, curpps, maxpps) timersub(&tv, lasttime, &delta); /* - * check for 0,0 is so that the message will be seen at least once. - * if more than one second have passed since the last update of + * Check for 0,0 so that the message will be seen at least once. + * If more than one second has passed since the last update of * lasttime, reset the counter. * - * we do increment *curpps even in *curpps < maxpps case, as some may + * We do increment *curpps even in *curpps < maxpps case, as some may * try to use *curpps for stat purposes as well. */ if ((lasttime->tv_sec == 0 && lasttime->tv_usec == 0) || @@ -2817,7 +2818,7 @@ ppsratecheck(lasttime, curpps, maxpps) else rv = 0; -#if 1 /*DIAGNOSTIC?*/ +#if 1 /* DIAGNOSTIC? */ /* be careful about wrap-around */ if (*curpps + 1 > *curpps) *curpps = *curpps + 1; @@ -2852,7 +2853,7 @@ icmp6_ratelimit(dst, type, code) { int ret; - ret = 0; /*okay to send*/ + ret = 0; /* okay to send */ /* PPS limit */ if (!ppsratecheck(&icmp6errppslim_last, &icmp6errpps_count, diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index f427c7c..f0e7b40 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: in6.c,v 1.187 2001/05/24 07:43:59 itojun Exp $ */ +/* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -94,9 +94,9 @@ #include <netinet/in_pcb.h> #endif -#include <netinet6/nd6.h> #include <netinet/ip6.h> #include <netinet6/ip6_var.h> +#include <netinet6/nd6.h> #include <netinet6/mld6_var.h> #include <netinet6/ip6_mroute.h> #include <netinet6/in6_ifattach.h> @@ -252,7 +252,7 @@ in6_ifremloop(struct ifaddr *ifa) */ /* - * Delete the entry only if exact one ifa exists. More than one ifa + * Delete the entry only if exact one ifa exists. More than one ifa * can exist if we assign a same single address to multiple * (probably p2p) interfaces. * XXX: we should avoid such a configuration in IPv6... @@ -268,9 +268,9 @@ in6_ifremloop(struct ifaddr *ifa) if (ia_count == 1) { /* * Before deleting, check if a corresponding loopbacked host - * route surely exists. With this check, we can avoid to + * route surely exists. With this check, we can avoid to * delete an interface direct route whose destination is same - * as the address being removed. This can happen when remofing + * as the address being removed. This can happen when remofing * a subnet-router anycast address on an interface attahced * to a shared medium. */ @@ -396,7 +396,7 @@ in6_control(so, cmd, data, ifp, td) case SIOCSIFINFO_FLAGS: if (!privileged) return(EPERM); - /*fall through*/ + /* fall through */ case OSIOCGIFINFO_IN6: case SIOCGIFINFO_IN6: case SIOCGDRLST_IN6: @@ -419,7 +419,7 @@ in6_control(so, cmd, data, ifp, td) return(EOPNOTSUPP); } - switch(cmd) { + switch (cmd) { case SIOCSSCOPE6: if (!privileged) return(EPERM); @@ -438,7 +438,7 @@ in6_control(so, cmd, data, ifp, td) case SIOCDLIFADDR: if (!privileged) return(EPERM); - /*fall through*/ + /* fall through */ case SIOCGLIFADDR: return in6_lifaddr_ioctl(so, cmd, data, ifp, td); } @@ -643,10 +643,11 @@ in6_control(so, cmd, data, ifp, td) ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; } /* - * XXX: since we don't have enough APIs, we just set inifinity - * to lifetimes. They can be overridden by later advertised - * RAs (when accept_rtadv is non 0), but we'd rather intend - * such a behavior. + * XXX: since we don't have an API to set prefix (not address) + * lifetimes, we just use the same lifetimes as addresses. + * The (temporarily) installed lifetimes can be overridden by + * later advertised RAs (when accept_rtadv is non 0), which is + * an intended behavior. */ pr0.ndpr_raf_onlink = 1; /* should be configurable? */ pr0.ndpr_raf_auto = @@ -815,7 +816,7 @@ in6_update_ifa(ifp, ifra, ia) } else { /* - * In this case, ia must not be NULL. We just use its prefix + * In this case, ia must not be NULL. We just use its prefix * length. */ plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); @@ -1341,7 +1342,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td) /* address must be specified on GET with IFLR_PREFIX */ if ((iflr->flags & IFLR_PREFIX) == 0) break; - /*FALLTHROUGH*/ + /* FALLTHROUGH */ case SIOCALIFADDR: case SIOCDLIFADDR: /* address must be specified on ADD and DELETE */ @@ -1357,10 +1358,10 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td) if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) return EINVAL; break; - default: /*shouldn't happen*/ + default: /* shouldn't happen */ #if 0 panic("invalid cmd to in6_lifaddr_ioctl"); - /*NOTREACHED*/ + /* NOTREACHED */ #else return EOPNOTSUPP; #endif @@ -1462,7 +1463,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td) } else { if (cmd == SIOCGLIFADDR) { /* on getting an address, take the 1st match */ - cmp = 0; /*XXX*/ + cmp = 0; /* XXX */ } else { /* on deleting an address, do exact match */ in6_len2mask(&mask, 128); @@ -1535,7 +1536,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td) in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); - iflr->flags = ia->ia6_flags; /*XXX*/ + iflr->flags = ia->ia6_flags; /* XXX */ return 0; } else { @@ -1565,7 +1566,7 @@ in6_lifaddr_ioctl(so, cmd, data, ifp, td) } } - return EOPNOTSUPP; /*just for safety*/ + return EOPNOTSUPP; /* just for safety */ } /* @@ -1630,7 +1631,7 @@ in6_ifinit(ifp, ia, sin6, newhost) ia->ia_ifa.ifa_flags |= RTF_CLONING; } - /* Add ownaddr as loopback rtentry, if necessary(ex. on p2p link). */ + /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ if (newhost) { /* set the rtrequest function to create llinfo */ ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; @@ -2237,7 +2238,7 @@ in6_ifawithifp(ifp, dst) int dst_scope = in6_addrscope(dst), blen = -1, tlen; struct ifaddr *ifa; struct in6_ifaddr *besta = 0; - struct in6_ifaddr *dep[2]; /*last-resort: deprecated*/ + struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ dep[0] = dep[1] = NULL; @@ -2395,7 +2396,7 @@ in6_setmaxmtu() } /* - * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be + * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be * v4 mapped addr or v4 compat addr */ void diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h index 059e7ae..186849b 100644 --- a/sys/netinet6/in6.h +++ b/sys/netinet6/in6.h @@ -126,7 +126,7 @@ struct in6_addr { }; #define s6_addr __u6_addr.__u6_addr8 -#ifdef _KERNEL /*XXX nonstandard*/ +#ifdef _KERNEL /* XXX nonstandard */ #define s6_addr8 __u6_addr.__u6_addr8 #define s6_addr16 __u6_addr.__u6_addr16 #define s6_addr32 __u6_addr.__u6_addr32 @@ -152,7 +152,7 @@ struct sockaddr_in6 { /* * Local definition for masks */ -#ifdef _KERNEL /*XXX nonstandard*/ +#ifdef _KERNEL /* XXX nonstandard */ #define IN6MASK0 {{{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }}} #define IN6MASK32 {{{ 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, \ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }}} @@ -177,7 +177,7 @@ extern const struct in6_addr in6mask128; /* * Macros started with IPV6_ADDR is KAME local */ -#ifdef _KERNEL /*XXX nonstandard*/ +#ifdef _KERNEL /* XXX nonstandard */ #if BYTE_ORDER == BIG_ENDIAN #define IPV6_ADDR_INT32_ONE 1 #define IPV6_ADDR_INT32_TWO 2 @@ -286,7 +286,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters; * KAME Scope Values */ -#ifdef _KERNEL /*XXX nonstandard*/ +#ifdef _KERNEL /* XXX nonstandard */ #define IPV6_ADDR_SCOPE_NODELOCAL 0x01 #define IPV6_ADDR_SCOPE_LINKLOCAL 0x02 #define IPV6_ADDR_SCOPE_SITELOCAL 0x05 @@ -314,7 +314,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters; */ #define IN6_IS_ADDR_MULTICAST(a) ((a)->s6_addr[0] == 0xff) -#ifdef _KERNEL /*XXX nonstandard*/ +#ifdef _KERNEL /* XXX nonstandard */ #define IPV6_ADDR_MC_SCOPE(a) ((a)->s6_addr[1] & 0x0f) #else #define __IPV6_ADDR_MC_SCOPE(a) ((a)->s6_addr[1] & 0x0f) @@ -323,7 +323,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters; /* * Multicast Scope */ -#ifdef _KERNEL /*refers nonstandard items */ +#ifdef _KERNEL /* refers nonstandard items */ #define IN6_IS_ADDR_MC_NODELOCAL(a) \ (IN6_IS_ADDR_MULTICAST(a) && \ (IPV6_ADDR_MC_SCOPE(a) == IPV6_ADDR_SCOPE_NODELOCAL)) @@ -357,7 +357,7 @@ extern const struct in6_addr in6addr_linklocal_allrouters; (__IPV6_ADDR_MC_SCOPE(a) == __IPV6_ADDR_SCOPE_GLOBAL)) #endif -#ifdef _KERNEL /*nonstandard*/ +#ifdef _KERNEL /* nonstandard */ /* * KAME Scope */ @@ -419,12 +419,12 @@ struct route_in6 { #define IPV6_BINDV6ONLY IPV6_V6ONLY #endif -#if 1 /*IPSEC*/ +#if 1 /* IPSEC */ #define IPV6_IPSEC_POLICY 28 /* struct; get/set security policy */ #endif #define IPV6_FAITH 29 /* bool; accept FAITH'ed connections */ -#if 1 /*IPV6FIREWALL*/ +#if 1 /* IPV6FIREWALL */ #define IPV6_FW_ADD 30 /* add a firewall rule to chain */ #define IPV6_FW_DEL 31 /* delete a firewall rule from chain */ #define IPV6_FW_FLUSH 32 /* flush firewall rule chain */ @@ -441,8 +441,8 @@ struct route_in6 { /* * Defaults and limits for options */ -#define IPV6_DEFAULT_MULTICAST_HOPS 1 /* normally limit m'casts to 1 hop */ -#define IPV6_DEFAULT_MULTICAST_LOOP 1 /* normally hear sends if a member */ +#define IPV6_DEFAULT_MULTICAST_HOPS 1 /* normally limit m'casts to 1 hop */ +#define IPV6_DEFAULT_MULTICAST_LOOP 1 /* normally hear sends if a member */ /* * Argument structure for IPV6_JOIN_GROUP and IPV6_LEAVE_GROUP. @@ -551,7 +551,7 @@ struct in6_pktinfo { #define IPV6CTL_KAME_VERSION 20 #define IPV6CTL_USE_DEPRECATED 21 /* use deprecated addr (RFC2462 5.5.4) */ #define IPV6CTL_RR_PRUNE 22 /* walk timer for router renumbering */ -#if 0 /*obsolete*/ +#if 0 /* obsolete */ #define IPV6CTL_MAPPED_ADDR 23 #endif #define IPV6CTL_V6ONLY 24 diff --git a/sys/netinet6/in6_ifattach.c b/sys/netinet6/in6_ifattach.c index 3e41bd7..9150a36 100644 --- a/sys/netinet6/in6_ifattach.c +++ b/sys/netinet6/in6_ifattach.c @@ -105,7 +105,7 @@ static int in6_ifattach_loopback __P((struct ifnet *)); static int get_rand_ifid(ifp, in6) struct ifnet *ifp; - struct in6_addr *in6; /*upper 64bits are preserved */ + struct in6_addr *in6; /* upper 64bits are preserved */ { MD5_CTX ctxt; u_int8_t digest[16]; @@ -156,8 +156,9 @@ generate_tmp_ifid(seed0, seed1, ret) val32 = random() ^ tv.tv_usec; bcopy(&val32, seed + sizeof(val32) * i, sizeof(val32)); } - } else + } else { bcopy(seed0, seed, 8); + } /* copy the right-most 64-bits of the given address */ /* XXX assumption on the size of IFID */ @@ -227,7 +228,7 @@ generate_tmp_ifid(seed0, seed1, ret) static int get_hw_ifid(ifp, in6) struct ifnet *ifp; - struct in6_addr *in6; /*upper 64bits are preserved */ + struct in6_addr *in6; /* upper 64bits are preserved */ { struct ifaddr *ifa; struct sockaddr_dl *sdl; @@ -360,7 +361,7 @@ found: static int get_ifid(ifp0, altifp, in6) struct ifnet *ifp0; - struct ifnet *altifp; /*secondary EUI64 source*/ + struct ifnet *altifp; /* secondary EUI64 source */ struct in6_addr *in6; { struct ifnet *ifp; @@ -479,7 +480,7 @@ in6_ifattach_linklocal(ifp, altifp) /* * Do not let in6_update_ifa() do DAD, since we need a random delay - * before sending an NS at the first time the inteface becomes up. + * before sending an NS at the first time the interface becomes up. * Instead, in6_if_up() will start DAD with a proper random delay. */ ifra.ifra_flags |= IN6_IFF_NODAD; @@ -487,7 +488,8 @@ in6_ifattach_linklocal(ifp, altifp) /* * Now call in6_update_ifa() to do a bunch of procedures to configure * a link-local address. We can set NULL to the 3rd argument, because - * we know there's no other link-local address on the interface. + * we know there's no other link-local address on the interface + * and therefore we are adding one (instead of updating one). */ if ((error = in6_update_ifa(ifp, &ifra, NULL)) != 0) { /* @@ -513,7 +515,7 @@ in6_ifattach_linklocal(ifp, altifp) #ifdef DIAGNOSTIC if (!ia) { panic("ia == NULL in in6_ifattach_linklocal"); - /*NOTREACHED*/ + /* NOTREACHED */ } #endif if (in6if_do_dad(ifp) && (ifp->if_flags & IFF_POINTOPOINT) == 0) { @@ -597,15 +599,15 @@ in6_ifattach_loopback(ifp) ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; - /* we don't need to perfrom DAD on loopback interfaces. */ + /* we don't need to perform DAD on loopback interfaces. */ ifra.ifra_flags |= IN6_IFF_NODAD; /* skip registration to the prefix list. XXX should be temporary. */ ifra.ifra_flags |= IN6_IFF_NOPFX; /* - * We can set NULL to the 3rd arg. See comments in - * in6_ifattach_linklocal(). + * We are sure that this is a newly assigned address, so we can set + * NULL to the 3rd arg. */ if ((error = in6_update_ifa(ifp, &ifra, NULL)) != 0) { log(LOG_ERR, "in6_ifattach_loopback: failed to configure " @@ -644,7 +646,7 @@ in6_nigroup(ifp, name, namelen, in6) while (p && *p && *p != '.' && p - name < namelen) p++; if (p - name > sizeof(n) - 1) - return -1; /*label too long*/ + return -1; /* label too long */ l = p - name; strncpy(n, name, l); n[(int)l] = '\0'; @@ -798,8 +800,10 @@ in6_ifattach(ifp, altifp) #ifdef IFT_STF case IFT_STF: /* - * 6to4 interface is a very speical kind of beast. - * no multicast, no linklocal (based on 03 draft). + * 6to4 interface is a very special kind of beast. + * no multicast, no linklocal. RFC2529 specifies how to make + * linklocals for 6to4 interface, but there's no use and + * it is rather harmful to have one. */ goto statinit; #endif diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c index cca0c6f..09a5c29 100644 --- a/sys/netinet6/in6_pcb.c +++ b/sys/netinet6/in6_pcb.c @@ -342,7 +342,8 @@ in6_pcbconnect(inp, nam, td) int error; /* - * Call inner routine, to assign local interface address. + * Call inner routine, to assign local interface address. + * in6_pcbladdr() may automatically fill in sin6_scope_id. */ if ((error = in6_pcbladdr(inp, nam, &addr6)) != 0) return(error); @@ -722,6 +723,7 @@ in6_mapped_sockaddr(struct socket *so, struct sockaddr **nam) if (error == 0) in6_sin_2_v4mapsin6_in_sock(nam); } else + /* scope issues will be handled in in6_setsockaddr(). */ error = in6_setsockaddr(so, nam); return error; @@ -740,6 +742,7 @@ in6_mapped_peeraddr(struct socket *so, struct sockaddr **nam) if (error == 0) in6_sin_2_v4mapsin6_in_sock(nam); } else + /* scope issues will be handled in in6_setpeeraddr(). */ error = in6_setpeeraddr(so, nam); return error; diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c index 9b1b819..52d247f 100644 --- a/sys/netinet6/in6_proto.c +++ b/sys/netinet6/in6_proto.c @@ -124,7 +124,7 @@ #ifdef INET6 #include <netinet6/ipcomp6.h> #endif -#endif /*IPSEC*/ +#endif /* IPSEC */ #include <netinet6/ip6protosw.h> @@ -224,7 +224,7 @@ struct ip6protosw inet6sw[] = { encap_init, 0, 0, 0, &rip6_usrreqs }, -#endif /*INET*/ +#endif /* INET */ { SOCK_RAW, &inet6domain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, encap6_input, rip6_output, 0, rip6_ctloutput, 0, diff --git a/sys/netinet6/in6_rmx.c b/sys/netinet6/in6_rmx.c index a56cfe2..60732b2 100644 --- a/sys/netinet6/in6_rmx.c +++ b/sys/netinet6/in6_rmx.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: in6_rmx.c,v 1.10 2001/05/24 05:44:58 itojun Exp $ */ +/* $KAME: in6_rmx.c,v 1.11 2001/07/26 06:53:16 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -433,7 +433,7 @@ in6_mtutimo(void *rock) atv.tv_sec = arg.nextstop; if (atv.tv_sec < time_second) { printf("invalid mtu expiration time on routing table\n"); - arg.nextstop = time_second + 30; /*last resort*/ + arg.nextstop = time_second + 30; /* last resort */ } timeout(in6_mtutimo, rock, tvtohz(&atv)); } diff --git a/sys/netinet6/in6_var.h b/sys/netinet6/in6_var.h index c109bfc..06fff7b 100644 --- a/sys/netinet6/in6_var.h +++ b/sys/netinet6/in6_var.h @@ -80,7 +80,7 @@ * hour rule for hosts). they should never be modified by nd6_timeout or * anywhere else. * userland -> kernel: accept pltime/vltime - * kernel -> userland: throuw up everything + * kernel -> userland: throw up everything * in kernel: modify preferred/expire only */ struct in6_addrlifetime { @@ -513,7 +513,7 @@ extern LIST_HEAD(in6_multihead, in6_multi) in6_multihead; /* * Structure used by macros below to remember position when stepping through - * all of eht in6_multi records. + * all of the in6_multi records. */ struct in6_multistep { struct in6_ifaddr *i_ia; diff --git a/sys/netinet6/ip6_forward.c b/sys/netinet6/ip6_forward.c index 0e8ce9ae..97fa8d6 100644 --- a/sys/netinet6/ip6_forward.c +++ b/sys/netinet6/ip6_forward.c @@ -128,7 +128,7 @@ ip6_forward(m, srcrt) m_freem(m); return; } -#endif /*IPSEC*/ +#endif /* IPSEC */ /* * Do not forward packets to multicast destination (should be handled @@ -278,7 +278,7 @@ ip6_forward(m, srcrt) break; default: printf("ip6_output (ipsec): error code %d\n", error); - /*fall through*/ + /* fall through */ case ENOENT: /* don't show these error codes to the user */ break; @@ -354,7 +354,7 @@ ip6_forward(m, srcrt) * for the reason that the destination is beyond the scope of the * source address, discard the packet and return an icmp6 destination * unreachable error with Code 2 (beyond scope of source address). - * [draft-ietf-ipngwg-icmp-v3-00.txt, Section 3.1] + * [draft-ietf-ipngwg-icmp-v3-02.txt, Section 3.1] */ if (in6_addr2scopeid(m->m_pkthdr.rcvif, &ip6->ip6_src) != in6_addr2scopeid(rt->rt_ifp, &ip6->ip6_src)) { @@ -550,7 +550,6 @@ ip6_forward(m, srcrt) } if (mcopy == NULL) return; - switch (error) { case 0: #if 1 diff --git a/sys/netinet6/ip6_fw.c b/sys/netinet6/ip6_fw.c index 468400c..fc515d3 100644 --- a/sys/netinet6/ip6_fw.c +++ b/sys/netinet6/ip6_fw.c @@ -2,6 +2,35 @@ /* $KAME: ip6_fw.c,v 1.21 2001/01/24 01:25:32 itojun Exp $ */ /* + * Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* * Copyright (c) 1993 Daniel Boulet * Copyright (c) 1994 Ugen J.S.Antsilevich * Copyright (c) 1996 Alex Nash diff --git a/sys/netinet6/ip6_fw.h b/sys/netinet6/ip6_fw.h index 2298804..3c1dcd0 100644 --- a/sys/netinet6/ip6_fw.h +++ b/sys/netinet6/ip6_fw.h @@ -1,5 +1,34 @@ /* $FreeBSD$ */ -/* $KAME: ip6_fw.h,v 1.7 2001/01/24 01:25:33 itojun Exp $ */ +/* $KAME: ip6_fw.h,v 1.9 2001/08/01 04:29:57 sumikawa Exp $ */ + +/* + * Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ /* * Copyright (c) 1993 Daniel Boulet diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index eb95fe8..16df5bb 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ip6_input.c,v 1.194 2001/05/27 13:28:35 itojun Exp $ */ +/* $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -100,7 +100,7 @@ #ifdef INET #include <netinet/ip.h> #include <netinet/ip_icmp.h> -#endif /*INET*/ +#endif /* INET */ #include <netinet/ip6.h> #include <netinet6/in6_var.h> #include <netinet6/ip6_var.h> @@ -147,7 +147,6 @@ struct ip6stat ip6stat; static void ip6_init2 __P((void *)); static struct mbuf *ip6_setdstifaddr __P((struct mbuf *, struct in6_ifaddr *)); - static int ip6_hopopts_input __P((u_int32_t *, u_int32_t *, struct mbuf **, int *)); #ifdef PULLDOWN_TEST static struct mbuf *ip6_pullexthdr __P((struct mbuf *, size_t, int)); @@ -279,7 +278,7 @@ ip6_input(m) ip6_delaux(m); /* - * mbuf statistics by kazu + * mbuf statistics */ if (m->m_flags & M_EXT) { if (m->m_next) @@ -290,7 +289,7 @@ ip6_input(m) #define M2MMAX (sizeof(ip6stat.ip6s_m2m)/sizeof(ip6stat.ip6s_m2m[0])) if (m->m_next) { if (m->m_flags & M_LOOP) { - ip6stat.ip6s_m2m[loif[0].if_index]++; /*XXX*/ + ip6stat.ip6s_m2m[loif[0].if_index]++; /* XXX */ } else if (m->m_pkthdr.rcvif->if_index < M2MMAX) ip6stat.ip6s_m2m[m->m_pkthdr.rcvif->if_index]++; else @@ -322,7 +321,7 @@ ip6_input(m) n = NULL; } } - if (!n) { + if (n == NULL) { m_freem(m); return; /*ENOBUFS*/ } @@ -412,6 +411,7 @@ ip6_input(m) in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); goto bad; } + /* * The following check is not documented in specs. A malicious * party may be able to use IPv4 mapped addr to confuse tcp/udp stack @@ -635,7 +635,7 @@ ip6_input(m) && ip6_forward_rt.ro_rt->rt_ifp->if_type == IFT_FAITH) { /* XXX do we need more sanity checks? */ ours = 1; - deliverifp = ip6_forward_rt.ro_rt->rt_ifp; /*faith*/ + deliverifp = ip6_forward_rt.ro_rt->rt_ifp; /* faith */ goto hbhcheck; } } @@ -692,7 +692,7 @@ ip6_input(m) ip6 = mtod(m, struct ip6_hdr *); /* - * if the payload length field is 0 and the next header field + * if the payload length field is 0 and the next header field * indicates Hop-by-Hop Options header, then a Jumbo Payload * option MUST be included. */ diff --git a/sys/netinet6/ip6_mroute.c b/sys/netinet6/ip6_mroute.c index e235e5e0..99ef536 100644 --- a/sys/netinet6/ip6_mroute.c +++ b/sys/netinet6/ip6_mroute.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ip6_mroute.c,v 1.46 2001/04/04 05:17:30 itojun Exp $ */ +/* $KAME: ip6_mroute.c,v 1.58 2001/12/18 02:36:31 itojun Exp $ */ /* * Copyright (C) 1998 WIDE Project. @@ -94,7 +94,7 @@ static int register_send __P((struct ip6_hdr *, struct mif6 *, * Globals. All but ip6_mrouter, ip6_mrtproto and mrt6stat could be static, * except for netstat or debugging purposes. */ -struct socket *ip6_mrouter = NULL; +struct socket *ip6_mrouter = NULL; int ip6_mrouter_ver = 0; int ip6_mrtproto = IPPROTO_PIM; /* for netstat only */ struct mrt6stat mrt6stat; @@ -103,7 +103,7 @@ struct mrt6stat mrt6stat; #define RTE_FOUND 0x2 struct mf6c *mf6ctable[MF6CTBLSIZ]; -u_char nexpire[MF6CTBLSIZ]; +u_char n6expire[MF6CTBLSIZ]; static struct mif6 mif6table[MAXMIFS]; #ifdef MRT6DEBUG u_int mrt6debug = 0; /* debug level */ @@ -408,7 +408,7 @@ ip6_mrouter_init(so, m, cmd) ip6_mrouter_ver = cmd; bzero((caddr_t)mf6ctable, sizeof(mf6ctable)); - bzero((caddr_t)nexpire, sizeof(nexpire)); + bzero((caddr_t)n6expire, sizeof(n6expire)); pim6 = 0;/* used for stubbing out/in pim stuff */ @@ -666,7 +666,8 @@ add_m6fc(mfccp) if (rt) { #ifdef MRT6DEBUG if (mrt6debug & DEBUG_MFC) - log(LOG_DEBUG,"add_m6fc update o %s g %s p %x\n", + log(LOG_DEBUG, + "add_m6fc no upcall h %d o %s g %s p %x\n", ip6_sprintf(&mfccp->mf6cc_origin.sin6_addr), ip6_sprintf(&mfccp->mf6cc_mcastgrp.sin6_addr), mfccp->mf6cc_parent); @@ -719,7 +720,7 @@ add_m6fc(mfccp) rt->mf6c_wrong_if = 0; rt->mf6c_expire = 0; /* Don't clean this guy up */ - nexpire[hash]--; + n6expire[hash]--; /* free packets Qed at the end of this entry */ for (rte = rt->mf6c_stall; rte != NULL; ) { @@ -766,7 +767,7 @@ add_m6fc(mfccp) rt->mf6c_wrong_if = 0; if (rt->mf6c_expire) - nexpire[hash]--; + n6expire[hash]--; rt->mf6c_expire = 0; } } @@ -1130,7 +1131,7 @@ ip6_mforward(ip6, ifp, m) rt->mf6c_mcastgrp.sin6_len = sizeof(struct sockaddr_in6); rt->mf6c_mcastgrp.sin6_addr = ip6->ip6_dst; rt->mf6c_expire = UPCALL_EXPIRE; - nexpire[hash]++; + n6expire[hash]++; rt->mf6c_parent = MF6C_INCOMPLETE_PARENT; /* link into table */ @@ -1184,7 +1185,7 @@ expire_upcalls(unused) s = splnet(); for (i = 0; i < MF6CTBLSIZ; i++) { - if (nexpire[i] == 0) + if (n6expire[i] == 0) continue; nptr = &mf6ctable[i]; while ((mfc = *nptr) != NULL) { @@ -1214,7 +1215,7 @@ expire_upcalls(unused) rte = n; } while (rte != NULL); mrt6stat.mrt6s_cache_cleanups++; - nexpire[i]--; + n6expire[i]--; *nptr = mfc->mf6c_next; free(mfc, M_MRTABLE); @@ -1565,7 +1566,7 @@ register_send(ip6, mif, m) #ifdef MRT6DEBUG if (mrt6debug) log(LOG_WARNING, - "register_send: ip_mrouter socket queue full\n"); + "register_send: ip6_mrouter socket queue full\n"); #endif ++mrt6stat.mrt6s_upq_sockfull; return ENOBUFS; diff --git a/sys/netinet6/ip6_mroute.h b/sys/netinet6/ip6_mroute.h index 7871150..4c75298 100644 --- a/sys/netinet6/ip6_mroute.h +++ b/sys/netinet6/ip6_mroute.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ip6_mroute.h,v 1.17 2001/02/10 02:05:52 itojun Exp $ */ +/* $KAME: ip6_mroute.h,v 1.19 2001/06/14 06:12:55 suz Exp $ */ /* * Copyright (C) 1998 WIDE Project. diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c index 2d214eb..73ae5cd 100644 --- a/sys/netinet6/ip6_output.c +++ b/sys/netinet6/ip6_output.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ip6_output.c,v 1.180 2001/05/21 05:37:50 jinmei Exp $ */ +/* $KAME: ip6_output.c,v 1.279 2002/01/26 06:12:30 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -316,7 +316,8 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp) /* * we treat dest2 specially. this makes IPsec processing - * much easier. + * much easier. the goal here is to make mprev point the + * mbuf prior to dest2. * * result: IPv6 dest2 payload * m and mprev will point to IPv6 header. @@ -394,7 +395,7 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp) break; default: printf("ip6_output (ipsec): error code %d\n", error); - /*fall through*/ + /* fall through */ case ENOENT: /* don't show these error codes to the user */ error = 0; @@ -524,7 +525,7 @@ skip_ipsec2:; break; default: printf("ip6_output (ipsec): error code %d\n", error); - /*fall through*/ + /* fall through */ case ENOENT: /* don't show these error codes to the user */ error = 0; @@ -535,7 +536,7 @@ skip_ipsec2:; exthdrs.ip6e_ip6 = m; } -#endif /*IPSEC*/ +#endif /* IPSEC */ if (!IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) { /* Unicast */ @@ -788,9 +789,8 @@ skip_ipsec2:; * We eventually have sockaddr_in6 and use the sin6_scope_id * field of the structure here. * We rely on the consistency between two scope zone ids - * of source add destination, which should already be assured - * larger scopes than link will be supported in the near - * future. + * of source and destination, which should already be assured. + * Larger scopes than link will be supported in the future. */ origifp = NULL; if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) @@ -828,7 +828,7 @@ skip_ipsec2:; */ if (ip6_fw_enable && ip6_fw_chk_ptr) { u_short port = 0; - m->m_pkthdr.rcvif = NULL; /*XXX*/ + m->m_pkthdr.rcvif = NULL; /* XXX */ /* If ipfw says divert, we have to just drop packet */ if ((*ip6_fw_chk_ptr)(&ip6, ifp, &port, &m)) { m_freem(m); @@ -982,7 +982,8 @@ skip_ipsec2:; /* * Loop through length of segment after first fragment, - * make new header and copy data of each part and link onto chain. + * make new header and copy data of each part and link onto + * chain. */ m0 = m; for (off = hlen; off < tlen; off += len) { @@ -2177,7 +2178,7 @@ ip6_getmoptions(optname, im6o, mp) { u_int *hlim, *loop, *ifindex; - *mp = m_get(M_TRYWAIT, MT_HEADER); /*XXX*/ + *mp = m_get(M_TRYWAIT, MT_HEADER); /* XXX */ switch (optname) { diff --git a/sys/netinet6/ip6protosw.h b/sys/netinet6/ip6protosw.h index 94b00aa..9730121 100644 --- a/sys/netinet6/ip6protosw.h +++ b/sys/netinet6/ip6protosw.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ip6protosw.h,v 1.22 2001/02/08 18:02:08 itojun Exp $ */ +/* $KAME: ip6protosw.h,v 1.25 2001/09/26 06:13:03 keiichi Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/sys/netinet6/ipcomp.h b/sys/netinet6/ipcomp.h index 4c69d58..ed58768 100644 --- a/sys/netinet6/ipcomp.h +++ b/sys/netinet6/ipcomp.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ipcomp.h,v 1.8 2000/09/26 07:55:14 itojun Exp $ */ +/* $KAME: ipcomp.h,v 1.11 2001/09/04 08:43:19 itojun Exp $ */ /* * Copyright (C) 1999 WIDE Project. @@ -66,6 +66,6 @@ struct ipsecrequest; extern const struct ipcomp_algorithm *ipcomp_algorithm_lookup __P((int)); extern void ipcomp4_input __P((struct mbuf *, int)); extern int ipcomp4_output __P((struct mbuf *, struct ipsecrequest *)); -#endif /*KERNEL*/ +#endif /* KERNEL */ -#endif /*_NETINET6_IPCOMP_H_*/ +#endif /* _NETINET6_IPCOMP_H_ */ diff --git a/sys/netinet6/ipcomp_core.c b/sys/netinet6/ipcomp_core.c index ec031f6..bf12545 100644 --- a/sys/netinet6/ipcomp_core.c +++ b/sys/netinet6/ipcomp_core.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ipcomp_core.c,v 1.24 2000/10/23 04:24:22 itojun Exp $ */ +/* $KAME: ipcomp_core.c,v 1.25 2001/07/26 06:53:17 jinmei Exp $ */ /* * Copyright (C) 1999 WIDE Project. @@ -156,7 +156,7 @@ do { \ n->m_len = 0; \ n->m_len = M_TRAILINGSPACE(n); \ n->m_next = NULL; \ - /* \ + /* \ * if this is the first reply buffer, reserve \ * region for ipcomp header. \ */ \ @@ -217,13 +217,13 @@ do { \ : deflate(&zs, Z_NO_FLUSH); if (zerror == Z_STREAM_END) - ; /*once more.*/ + ; /* once more. */ else if (zerror == Z_OK) { /* inflate: Z_OK can indicate the end of decode */ if (mode && !p && zs.avail_out != 0) goto terminate; else - ; /*once more.*/ + ; /* once more. */ } else { if (zs.msg) { ipseclog((LOG_ERR, "ipcomp_%scompress: " @@ -258,7 +258,7 @@ do { \ if (zerror == Z_STREAM_END) break; else if (zerror == Z_OK) - ; /*once more.*/ + ; /* once more. */ else { if (zs.msg) { ipseclog((LOG_ERR, "ipcomp_%scompress: " diff --git a/sys/netinet6/ipcomp_input.c b/sys/netinet6/ipcomp_input.c index ece1603..65be602 100644 --- a/sys/netinet6/ipcomp_input.c +++ b/sys/netinet6/ipcomp_input.c @@ -111,7 +111,7 @@ ipcomp4_input(m, off) md = m_pulldown(m, off, sizeof(*ipcomp), NULL); if (!m) { - m = NULL; /*already freed*/ + m = NULL; /* already freed */ ipseclog((LOG_DEBUG, "IPv4 IPComp input: assumption failed " "(pulldown failure)\n")); ipsecstat.in_inval++; @@ -135,7 +135,7 @@ ipcomp4_input(m, off) if (sav != NULL && (sav->state == SADB_SASTATE_MATURE || sav->state == SADB_SASTATE_DYING)) { - cpi = sav->alg_enc; /*XXX*/ + cpi = sav->alg_enc; /* XXX */ /* other parameters to look at? */ } } @@ -261,7 +261,7 @@ ipcomp6_input(mp, offp, proto) md = m_pulldown(m, off, sizeof(*ipcomp), NULL); if (!m) { - m = NULL; /*already freed*/ + m = NULL; /* already freed */ ipseclog((LOG_DEBUG, "IPv6 IPComp input: assumption failed " "(pulldown failure)\n")); ipsec6stat.in_inval++; @@ -279,7 +279,7 @@ ipcomp6_input(mp, offp, proto) if (sav != NULL && (sav->state == SADB_SASTATE_MATURE || sav->state == SADB_SASTATE_DYING)) { - cpi = sav->alg_enc; /*XXX*/ + cpi = sav->alg_enc; /* XXX */ /* other parameters to look at? */ } } diff --git a/sys/netinet6/ipcomp_output.c b/sys/netinet6/ipcomp_output.c index b82840a..009b01e 100644 --- a/sys/netinet6/ipcomp_output.c +++ b/sys/netinet6/ipcomp_output.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ipcomp_output.c,v 1.23 2001/01/23 08:59:37 itojun Exp $ */ +/* $KAME: ipcomp_output.c,v 1.24 2001/07/26 06:53:18 jinmei Exp $ */ /* * Copyright (C) 1999 WIDE Project. @@ -118,7 +118,7 @@ ipcomp_output(m, nexthdrp, md, isr, af) struct secasvar *sav = isr->sav; const struct ipcomp_algorithm *algo; u_int16_t cpi; /* host order */ - size_t plen0, plen; /*payload length to be compressed*/ + size_t plen0, plen; /* payload length to be compressed */ size_t compoff; int afnumber; int error = 0; @@ -249,7 +249,7 @@ ipcomp_output(m, nexthdrp, md, isr, af) #ifdef INET6 struct ip6_hdr *ip6 = NULL; #endif - size_t hlen = 0; /*ip header len*/ + size_t hlen = 0; /* ip header len */ size_t complen = sizeof(struct ipcomp); switch (af) { @@ -363,7 +363,7 @@ ipcomp4_output(m, isr) /* XXX assumes that m->m_next points to payload */ return ipcomp_output(m, &ip->ip_p, m->m_next, isr, AF_INET); } -#endif /*INET*/ +#endif /* INET */ #ifdef INET6 int @@ -381,4 +381,4 @@ ipcomp6_output(m, nexthdrp, md, isr) } return ipcomp_output(m, nexthdrp, md, isr, AF_INET6); } -#endif /*INET6*/ +#endif /* INET6 */ diff --git a/sys/netinet6/ipsec.c b/sys/netinet6/ipsec.c index 0b276e8..5a9e509 100644 --- a/sys/netinet6/ipsec.c +++ b/sys/netinet6/ipsec.c @@ -1805,7 +1805,7 @@ ipsec_hdrsiz(sp) size_t siz, clen; KEYDEBUG(KEYDEBUG_IPSEC_DATA, - printf("ipsec_in_reject: using SP\n"); + printf("ipsec_hdrsiz: using SP\n"); kdebug_secpolicy(sp)); /* check policy */ @@ -1834,7 +1834,7 @@ ipsec_hdrsiz(sp) #ifdef IPSEC_ESP clen = esp_hdrsiz(isr); #else - clen = 0; /*XXX*/ + clen = 0; /* XXX */ #endif break; case IPPROTO_AH: @@ -1945,7 +1945,7 @@ ipsec6_hdrsiz(m, dir, in6p) return size; } -#endif /*INET6*/ +#endif /* INET6 */ #ifdef INET /* @@ -2041,13 +2041,13 @@ ipsec4_encapsulate(m, sav) ip->ip_off &= htons(~IP_OFFMASK); ip->ip_off &= htons(~IP_MF); switch (ip4_ipsec_dfbit) { - case 0: /*clear DF bit*/ + case 0: /* clear DF bit */ ip->ip_off &= htons(~IP_DF); break; - case 1: /*set DF bit*/ + case 1: /* set DF bit */ ip->ip_off |= htons(IP_DF); break; - default: /*copy DF bit*/ + default: /* copy DF bit */ break; } ip->ip_p = IPPROTO_IPIP; @@ -2072,7 +2072,7 @@ ipsec4_encapsulate(m, sav) return 0; } -#endif /*INET*/ +#endif /* INET */ #ifdef INET6 static int @@ -2152,7 +2152,7 @@ ipsec6_encapsulate(m, sav) return 0; } -#endif /*INET6*/ +#endif /* INET6 */ /* * Check the variable replay window. @@ -2317,7 +2317,7 @@ ok: } /* - * shift variable length bunffer to left. + * shift variable length buffer to left. * IN: bitmap: pointer to the buffer * nbit: the number of to shift. * wsize: buffer size (bytes). @@ -2397,7 +2397,7 @@ ipsec6_logpacketstr(ip6, spi) return buf; } -#endif /*INET6*/ +#endif /* INET6 */ const char * ipsec_logsastr(sav) @@ -2712,17 +2712,17 @@ ipsec6_output_trans(state, nexthdrp, mprev, sp, flags, tun) struct sockaddr_in6 *sin6; if (!state) - panic("state == NULL in ipsec6_output"); + panic("state == NULL in ipsec6_output_trans"); if (!state->m) - panic("state->m == NULL in ipsec6_output"); + panic("state->m == NULL in ipsec6_output_trans"); if (!nexthdrp) - panic("nexthdrp == NULL in ipsec6_output"); + panic("nexthdrp == NULL in ipsec6_output_trans"); if (!mprev) - panic("mprev == NULL in ipsec6_output"); + panic("mprev == NULL in ipsec6_output_trans"); if (!sp) - panic("sp == NULL in ipsec6_output"); + panic("sp == NULL in ipsec6_output_trans"); if (!tun) - panic("tun == NULL in ipsec6_output"); + panic("tun == NULL in ipsec6_output_trans"); KEYDEBUG(KEYDEBUG_IPSEC_DATA, printf("ipsec6_output_trans: applyed SP\n"); @@ -2846,7 +2846,7 @@ ipsec6_output_trans(state, nexthdrp, mprev, sp, flags, tun) ipseclog((LOG_ERR, "ipsec6_output_trans: " "IPsec with IPv6 jumbogram is not supported\n")); ipsec6stat.out_inval++; - error = EINVAL; /*XXX*/ + error = EINVAL; /* XXX */ goto bad; } ip6 = mtod(state->m, struct ip6_hdr *); @@ -2883,11 +2883,11 @@ ipsec6_output_tunnel(state, sp, flags) int s; if (!state) - panic("state == NULL in ipsec6_output"); + panic("state == NULL in ipsec6_output_tunnel"); if (!state->m) - panic("state->m == NULL in ipsec6_output"); + panic("state->m == NULL in ipsec6_output_tunnel"); if (!sp) - panic("sp == NULL in ipsec6_output"); + panic("sp == NULL in ipsec6_output_tunnel"); KEYDEBUG(KEYDEBUG_IPSEC_DATA, printf("ipsec6_output_tunnel: applyed SP\n"); @@ -3067,7 +3067,7 @@ ipsec6_output_tunnel(state, sp, flags) break; case IPPROTO_IPCOMP: /* XXX code should be here */ - /*FALLTHROUGH*/ + /* FALLTHROUGH */ default: ipseclog((LOG_ERR, "ipsec6_output_tunnel: " "unknown ipsec protocol %d\n", isr->saidx.proto)); @@ -3085,7 +3085,7 @@ ipsec6_output_tunnel(state, sp, flags) ipseclog((LOG_ERR, "ipsec6_output_tunnel: " "IPsec with IPv6 jumbogram is not supported\n")); ipsec6stat.out_inval++; - error = EINVAL; /*XXX*/ + error = EINVAL; /* XXX */ goto bad; } ip6 = mtod(state->m, struct ip6_hdr *); @@ -3099,7 +3099,7 @@ bad: state->m = NULL; return error; } -#endif /*INET6*/ +#endif /* INET6 */ #ifdef INET /* @@ -3557,7 +3557,7 @@ ipsec_addhist(m, proto, spi) if (!n) return ENOBUFS; if (M_TRAILINGSPACE(n) < sizeof(*p)) - return ENOSPC; /*XXX*/ + return ENOSPC; /* XXX */ p = (struct ipsec_history *)(mtod(n, caddr_t) + n->m_len); n->m_len += sizeof(*p); bzero(p, sizeof(*p)); diff --git a/sys/netinet6/ipsec.h b/sys/netinet6/ipsec.h index 33cef87..20569a0 100644 --- a/sys/netinet6/ipsec.h +++ b/sys/netinet6/ipsec.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */ +/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -49,10 +49,9 @@ /* * Security Policy Index - * NOTE: Ensure to be same address family and upper layer protocol. - * NOTE: ul_proto, port number, uid, gid: - * ANY: reserved for waldcard. - * 0 to (~0 - 1): is one of the number of each value. + * Ensure that both address families in the "src" and "dst" are same. + * When the value of the ul_proto is ICMPv6, the port field in "src" + * specifies ICMPv6 type, and the port field in "dst" specifies ICMPv6 code. */ struct secpolicyindex { u_int8_t dir; /* direction of packet flow, see blow */ @@ -128,7 +127,7 @@ struct secspacq { int count; /* for lifetime */ /* XXX: here is mbuf place holder to be sent ? */ }; -#endif /*_KERNEL*/ +#endif /* _KERNEL */ /* according to IANA assignment, port 0x0000 and proto 0xff are reserved. */ #define IPSEC_PORT_ANY 0 @@ -225,7 +224,7 @@ struct ipsecstat { #define IPSECCTL_DEF_ESP_NETLEV 4 /* int; ESP tunnel mode */ #define IPSECCTL_DEF_AH_TRANSLEV 5 /* int; AH transport mode */ #define IPSECCTL_DEF_AH_NETLEV 6 /* int; AH tunnel mode */ -#if 0 /*obsolete, do not reuse*/ +#if 0 /* obsolete, do not reuse */ #define IPSECCTL_INBOUND_CALL_IKE 7 #endif #define IPSECCTL_AH_CLEARTOS 8 @@ -342,7 +341,7 @@ extern struct socket *ipsec_getsocket __P((struct mbuf *)); extern int ipsec_addhist __P((struct mbuf *, int, u_int32_t)); extern struct ipsec_history *ipsec_gethist __P((struct mbuf *, int *)); extern void ipsec_clearhist __P((struct mbuf *)); -#endif /*_KERNEL*/ +#endif /* _KERNEL */ #ifndef _KERNEL extern caddr_t ipsec_set_policy __P((char *, int)); @@ -350,6 +349,6 @@ extern int ipsec_get_policylen __P((caddr_t)); extern char *ipsec_dump_policy __P((caddr_t, char *)); extern const char *ipsec_strerror __P((void)); -#endif /*!_KERNEL*/ +#endif /* !_KERNEL */ -#endif /*_NETINET6_IPSEC_H_*/ +#endif /* _NETINET6_IPSEC_H_ */ diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 53ea168..0d355ba 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -428,7 +428,6 @@ nd6_timer(ignored_arg) nd6_timer, NULL); ln = llinfo_nd6.ln_next; - /* XXX BSD/OS separates this code -- itojun */ while (ln && ln != &llinfo_nd6) { struct rtentry *rt; struct sockaddr_in6 *dst; @@ -451,7 +450,7 @@ nd6_timer(ignored_arg) ln = next; continue; } - + /* sanity check */ if (!rt) panic("rt=0 in nd6_timer(ln=%p)\n", ln); @@ -562,7 +561,7 @@ nd6_timer(ignored_arg) /* * If the expiring address is temporary, try * regenerating a new one. This would be useful when - * we suspended a laptop PC, then turned on after a + * we suspended a laptop PC, then turned it on after a * period that could invalidate all temporary * addresses. Although we may have to restart the * loop (see below), it must be after purging the @@ -600,8 +599,8 @@ nd6_timer(ignored_arg) * has changed while we are still in * the loop. Although the change * would not cause disaster (because - * it's not an addition, but a - * deletion,) we'd rather restart the + * it's not a deletion, but an + * addition,) we'd rather restart the * loop just for safety. Or does this * significantly reduce performance?? */ @@ -624,14 +623,6 @@ nd6_timer(ignored_arg) * check prefix lifetime. * since pltime is just for autoconf, pltime processing for * prefix is not necessary. - * - * we offset expire time by NDPR_KEEP_EXPIRE, so that we - * can use the old prefix information to validate the - * next prefix information to come. See prelist_update() - * for actual validation. - * - * I don't think such an offset is necessary. - * (jinmei@kame.net, 20010130). */ if (pr->ndpr_expire && pr->ndpr_expire < time_second) { struct nd_prefix *t; @@ -838,10 +829,10 @@ nd6_lookup(addr6, create, ifp) return(NULL); /* - * Create a new route. RTF_LLINFO is necessary + * Create a new route. RTF_LLINFO is necessary * to create a Neighbor Cache entry for the * destination in nd6_rtrequest which will be - * called in rtequest via ifa->ifa_rtrequest. + * called in rtrequest via ifa->ifa_rtrequest. */ if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6, ifa->ifa_addr, @@ -987,7 +978,7 @@ nd6_free(rt) /* * Temporarily fake the state to choose a new default * router and to perform on-link determination of - * prefixes coreectly. + * prefixes correctly. * Below the state will be set correctly, * or the entry itself will be deleted. */ @@ -1022,7 +1013,7 @@ nd6_free(rt) * Before deleting the entry, remember the next entry as the * return value. We need this because pfxlist_onlink_check() above * might have freed other entries (particularly the old next entry) as - * a side effect (XXX). + * a side effect (XXX). */ next = ln->ln_next; @@ -1101,7 +1092,7 @@ nd6_rtrequest(req, rt, info) struct ifnet *ifp = rt->rt_ifp; struct ifaddr *ifa; - if (rt->rt_flags & RTF_GATEWAY) + if ((rt->rt_flags & RTF_GATEWAY)) return; if (nd6_need_cache(ifp) == 0 && (rt->rt_flags & RTF_HOST) == 0) { @@ -1148,7 +1139,7 @@ nd6_rtrequest(req, rt, info) if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) { /* * Case 1: This route should come from - * a route to interface. RTF_LLINFO flag is set + * a route to interface. RTF_LLINFO flag is set * for a host route whose destination should be * treated as on-link. */ @@ -1163,13 +1154,13 @@ nd6_rtrequest(req, rt, info) if (ln && ln->ln_expire == 0) { /* kludge for desktops */ #if 0 - printf("nd6_request: time.tv_sec is zero; " + printf("nd6_rtequest: time.tv_sec is zero; " "treat it as 1\n"); #endif ln->ln_expire = 1; } #endif - if (rt->rt_flags & RTF_CLONING) + if ((rt->rt_flags & RTF_CLONING)) break; } /* @@ -1271,7 +1262,7 @@ nd6_rtrequest(req, rt, info) SDL(gate)->sdl_alen = ifp->if_addrlen; } if (nd6_useloopback) { - rt->rt_ifp = &loif[0]; /*XXX*/ + rt->rt_ifp = &loif[0]; /* XXX */ /* * Make sure rt_ifa be equal to the ifaddr * corresponding to the address. @@ -1521,7 +1512,7 @@ nd6_ioctl(cmd, data, ifp) /* do we really have to remove addresses as well? */ for (ia = in6_ifaddr; ia; ia = ia_next) { - /* ia might be removed. keep the next ptr. */ + /* ia might be removed. keep the next ptr. */ ia_next = ia->ia_next; if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0) @@ -1691,7 +1682,7 @@ fail: * 1 -- y -- (7) * STALE */ - if (lladdr) { /*(3-5) and (7)*/ + if (lladdr) { /* (3-5) and (7) */ /* * Record source link-layer address * XXX is it dependent to ifp->if_type? @@ -1701,17 +1692,17 @@ fail: } if (!is_newentry) { - if ((!olladdr && lladdr) /*(3)*/ - || (olladdr && lladdr && llchange)) { /*(5)*/ + if ((!olladdr && lladdr) /* (3) */ + || (olladdr && lladdr && llchange)) { /* (5) */ do_update = 1; newstate = ND6_LLINFO_STALE; - } else /*(1-2,4)*/ + } else /* (1-2,4) */ do_update = 0; } else { do_update = 1; - if (!lladdr) /*(6)*/ + if (!lladdr) /* (6) */ newstate = ND6_LLINFO_NOSTATE; - else /*(7)*/ + else /* (7) */ newstate = ND6_LLINFO_STALE; } @@ -1780,7 +1771,7 @@ fail: /* * New entry must have is_router flag cleared. */ - if (is_newentry) /*(6-7)*/ + if (is_newentry) /* (6-7) */ ln->ln_router = 0; break; case ND_REDIRECT: @@ -1791,7 +1782,7 @@ fail: */ if (code == ND_REDIRECT_ROUTER) ln->ln_router = 1; - else if (is_newentry) /*(6-7)*/ + else if (is_newentry) /* (6-7) */ ln->ln_router = 0; break; case ND_ROUTER_SOLICIT: @@ -1804,8 +1795,8 @@ fail: /* * Mark an entry with lladdr as a router. */ - if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/ - || (is_newentry && lladdr)) { /*(7)*/ + if ((!is_newentry && (olladdr || lladdr)) /* (2-5) */ + || (is_newentry && lladdr)) { /* (7) */ ln->ln_router = 1; } break; @@ -1883,7 +1874,7 @@ nd6_output(ifp, origifp, m0, dst, rt0) goto sendpkt; /* - * next hop determination. This routine is derived from ether_outpout. + * next hop determination. This routine is derived from ether_outpout. */ if (rt) { if ((rt->rt_flags & RTF_UP) == 0) { @@ -1906,9 +1897,8 @@ nd6_output(ifp, origifp, m0, dst, rt0) /* * We skip link-layer address resolution and NUD * if the gateway is not a neighbor from ND point - * of view, regardless the value of the - * nd_ifinfo.flags. - * The second condition is a bit tricky: we skip + * of view, regardless of the value of nd_ifinfo.flags. + * The second condition is a bit tricky; we skip * if the gateway is our own address, which is * sometimes used to install a route to a p2p link. */ @@ -1949,7 +1939,7 @@ nd6_output(ifp, origifp, m0, dst, rt0) else { /* * Since nd6_is_addr_neighbor() internally calls nd6_lookup(), - * the condition below is not very efficient. But we believe + * the condition below is not very efficient. But we believe * it is tolerable, because this should be a rare case. */ if (nd6_is_addr_neighbor(dst, ifp) && @@ -1991,7 +1981,7 @@ nd6_output(ifp, origifp, m0, dst, rt0) /* * If the neighbor cache entry has a state other than INCOMPLETE - * (i.e. its link-layer address is already reloved), just + * (i.e. its link-layer address is already resolved), just * send the packet. */ if (ln->ln_state > ND6_LLINFO_INCOMPLETE) @@ -1999,11 +1989,12 @@ nd6_output(ifp, origifp, m0, dst, rt0) /* * There is a neighbor cache entry, but no ethernet address - * response yet. Replace the held mbuf (if any) with this + * response yet. Replace the held mbuf (if any) with this * latest one. * - * XXX Does the code conform to rate-limiting rule? - * (RFC 2461 7.2.2) + * This code conforms to the rate-limiting rule described in Section + * 7.2.2 of RFC 2461, because the timer is set correctly after sending + * an NS below. */ if (ln->ln_state == ND6_LLINFO_NOSTATE) ln->ln_state = ND6_LLINFO_INCOMPLETE; @@ -2090,6 +2081,10 @@ nd6_storelladdr(ifp, rt, m, dst, desten) desten); return(1); case IFT_IEEE1394: + /* + * netbsd can use if_broadcastaddr, but we don't do so + * to reduce # of ifdef. + */ for (i = 0; i < ifp->if_addrlen; i++) desten[i] = ~0; return(1); diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h index f3c17be..c8b531a 100644 --- a/sys/netinet6/nd6.h +++ b/sys/netinet6/nd6.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: nd6.h,v 1.55 2001/04/27 15:09:49 itojun Exp $ */ +/* $KAME: nd6.h,v 1.76 2001/12/18 02:10:31 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -80,7 +80,7 @@ struct nd_ifinfo { int recalctm; /* BaseReacable re-calculation timer */ u_int8_t chlim; /* CurHopLimit */ u_int8_t receivedra; - /* the followings are for privacy extension for addrconf */ + /* the following 3 members are for privacy extension for addrconf */ u_int8_t randomseed0[8]; /* upper 64 bits of MD5 digest */ u_int8_t randomseed1[8]; /* lower 64 bits (usually the EUI64 IFID) */ u_int8_t randomid[8]; /* current random ID */ @@ -125,9 +125,9 @@ struct in6_prlist { struct prf_ra raflags; u_char prefixlen; u_char origin; - u_long vltime; - u_long pltime; - u_long expire; + u_int32_t vltime; + u_int32_t pltime; + time_t expire; u_short if_index; u_short advrtrs; /* number of advertisement routers */ struct in6_addr advrtr[DRLSTSIZ]; /* XXX: explicit limit */ @@ -181,8 +181,8 @@ struct in6_ndifreq { #define NDPRF_DETACHED 0x2 /* protocol constants */ -#define MAX_RTR_SOLICITATION_DELAY 1 /*1sec*/ -#define RTR_SOLICITATION_INTERVAL 4 /*4sec*/ +#define MAX_RTR_SOLICITATION_DELAY 1 /* 1sec */ +#define RTR_SOLICITATION_INTERVAL 4 /* 4sec */ #define MAX_RTR_SOLICITATIONS 3 #define ND6_INFINITE_LIFETIME 0xffffffff @@ -206,7 +206,7 @@ TAILQ_HEAD(nd_drhead, nd_defrouter); struct nd_defrouter { TAILQ_ENTRY(nd_defrouter) dr_entry; struct in6_addr rtaddr; - u_char flags; + u_char flags; /* flags on RA message */ u_short rtlifetime; u_long expire; u_long advint; /* Mobile IPv6 addition (milliseconds) */ @@ -308,12 +308,12 @@ extern u_int32_t ip6_temp_valid_lifetime; /* seconds */ extern int ip6_temp_regen_advance; /* seconds */ union nd_opts { - struct nd_opt_hdr *nd_opt_array[9]; /*max = home agent info*/ + struct nd_opt_hdr *nd_opt_array[9]; /* max = home agent info */ struct { struct nd_opt_hdr *zero; struct nd_opt_hdr *src_lladdr; struct nd_opt_hdr *tgt_lladdr; - struct nd_opt_prefix_info *pi_beg;/* multiple opts, start */ + struct nd_opt_prefix_info *pi_beg; /* multiple opts, start */ struct nd_opt_rd_hdr *rh; struct nd_opt_mtu *mtu; struct nd_opt_hdr *six; diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c index 9214de9..1b1f7dc9 100644 --- a/sys/netinet6/nd6_nbr.c +++ b/sys/netinet6/nd6_nbr.c @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: nd6_nbr.c,v 1.64 2001/05/17 03:48:30 itojun Exp $ */ +/* $KAME: nd6_nbr.c,v 1.86 2002/01/21 02:33:04 jinmei Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -133,11 +133,11 @@ nd6_ns_input(m, off, icmp6len) if (IN6_IS_ADDR_UNSPECIFIED(&saddr6)) { /* dst has to be solicited node multicast address. */ if (daddr6.s6_addr16[0] == IPV6_ADDR_INT16_MLL - /*don't check ifindex portion*/ + /* don't check ifindex portion */ && daddr6.s6_addr32[1] == 0 && daddr6.s6_addr32[2] == IPV6_ADDR_INT32_ONE && daddr6.s6_addr8[12] == 0xff) { - ; /*good*/ + ; /* good */ } else { nd6log((LOG_INFO, "nd6_ns_input: bad DAD packet " "(wrong ip6 dst)\n")); @@ -163,7 +163,7 @@ nd6_ns_input(m, off, icmp6len) } if (ndopts.nd_opts_src_lladdr) { - lladdr = (char *)(ndopts.nd_opts_src_lladdr +1); + lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; } @@ -252,9 +252,9 @@ nd6_ns_input(m, off, icmp6len) } if (IN6_ARE_ADDR_EQUAL(&myaddr6, &saddr6)) { - log(LOG_INFO, - "nd6_ns_input: duplicate IP6 address %s\n", - ip6_sprintf(&saddr6)); + nd6log((LOG_INFO, + "nd6_ns_input: duplicate IP6 address %s\n", + ip6_sprintf(&saddr6))); goto freeit; } @@ -383,7 +383,7 @@ nd6_ns_output(ifp, daddr6, taddr6, ln, dad) icmp6len = sizeof(*nd_ns); m->m_pkthdr.len = m->m_len = sizeof(*ip6) + icmp6len; - m->m_data += max_linkhdr; /*or MH_ALIGN() equivalent?*/ + m->m_data += max_linkhdr; /* or MH_ALIGN() equivalent? */ /* fill neighbor solicitation packet */ ip6 = mtod(m, struct ip6_hdr *); @@ -433,7 +433,7 @@ nd6_ns_output(ifp, daddr6, taddr6, ln, dad) * - saddr6 belongs to the outgoing interface. * Otherwise, we perform a scope-wise match. */ - struct ip6_hdr *hip6; /*hold ip6*/ + struct ip6_hdr *hip6; /* hold ip6 */ struct in6_addr *saddr6; if (ln && ln->ln_hold) { @@ -450,7 +450,7 @@ nd6_ns_output(ifp, daddr6, taddr6, ln, dad) else { ia = in6_ifawithifp(ifp, &ip6->ip6_dst); if (ia == NULL) { - m_freem(m); /*XXX*/ + m_freem(m); return; } ip6->ip6_src = ia->ia_addr.sin6_addr; @@ -622,7 +622,7 @@ nd6_na_input(m, off, icmp6len) goto freeit; } - /* Just for safety, maybe unnecessery. */ + /* Just for safety, maybe unnecessary. */ if (ifa) { log(LOG_ERR, "nd6_na_input: duplicate IP6 address %s\n", @@ -767,6 +767,13 @@ nd6_na_input(m, off, icmp6len) int s; in6 = &((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; + + /* + * Lock to protect the default router list. + * XXX: this might be unnecessary, since this function + * is only called under the network software interrupt + * context. However, we keep it just for safety. + */ s = splnet(); dr = defrouter_lookup(in6, rt->rt_ifp); if (dr) @@ -789,7 +796,7 @@ nd6_na_input(m, off, icmp6len) ln->ln_asked = 0; if (ln->ln_hold) { /* - * we assume ifp is not a p2p here, so just set the 2nd + * we assume ifp is not a loopback here, so just set the 2nd * argument as the 1st one. */ nd6_output(ifp, ifp, ln->ln_hold, @@ -865,7 +872,7 @@ nd6_na_output(ifp, daddr6, taddr6, flags, tlladdr, sdl0) icmp6len = sizeof(*nd_na); m->m_pkthdr.len = m->m_len = sizeof(struct ip6_hdr) + icmp6len; - m->m_data += max_linkhdr; /*or MH_ALIGN() equivalent?*/ + m->m_data += max_linkhdr; /* or MH_ALIGN() equivalent? */ /* fill neighbor advertisement packet */ ip6 = mtod(m, struct ip6_hdr *); @@ -1094,11 +1101,11 @@ nd6_dad_start(ifa, tick) * (re)initialization. */ dp->dad_ifa = ifa; - IFAREF(ifa); /*just for safety*/ + IFAREF(ifa); /* just for safety */ dp->dad_count = ip6_dad_count; dp->dad_ns_icount = dp->dad_na_icount = 0; dp->dad_ns_ocount = dp->dad_ns_tcount = 0; - if (!tick) { + if (tick == NULL) { nd6_dad_ns_output(dp, ifa); nd6_dad_starttimer(dp, nd_ifinfo[ifa->ifa_ifp->if_index].retrans * hz / 1000); @@ -1147,7 +1154,7 @@ nd6_dad_timer(ifa) struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa; struct dadq *dp; - s = splnet(); /*XXX*/ + s = splnet(); /* XXX */ /* Sanity check */ if (ia == NULL) { @@ -1212,7 +1219,7 @@ nd6_dad_timer(ifa) } if (dp->dad_ns_icount) { -#if 0 /*heuristics*/ +#if 0 /* heuristics */ /* * if * - we have sent many(?) DAD NS, and diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c index d84ba59..efb4867 100644 --- a/sys/netinet6/nd6_rtr.c +++ b/sys/netinet6/nd6_rtr.c @@ -398,7 +398,7 @@ nd6_ra_input(m, off, icmp6len) skip: /* - * Src linkaddress + * Source link layer address */ { char *lladdr = NULL; diff --git a/sys/netinet6/route6.c b/sys/netinet6/route6.c index 807c6ad..f3fe83d 100644 --- a/sys/netinet6/route6.c +++ b/sys/netinet6/route6.c @@ -155,7 +155,7 @@ ip6_rthdr0(m, ip6, rh0) ) { /* * Type 0 routing header can't contain more than 23 addresses. - * RFC 2462: this limitation was removed since stict/loose + * RFC 2462: this limitation was removed since strict/loose * bitmap field was deleted. */ ip6stat.ip6s_badoptions++; diff --git a/sys/netinet6/udp6_output.c b/sys/netinet6/udp6_output.c index b085943..35597fd 100644 --- a/sys/netinet6/udp6_output.c +++ b/sys/netinet6/udp6_output.c @@ -105,7 +105,7 @@ #ifdef INET6 #include <netinet6/ipsec6.h> #endif -#endif /*IPSEC*/ +#endif /* IPSEC */ #include <net/net_osdep.h> @@ -295,7 +295,7 @@ udp6_output(in6p, m, addr6, control, td) error = ENOBUFS; goto release; } -#endif /*IPSEC*/ +#endif /* IPSEC */ error = ip6_output(m, in6p->in6p_outputopts, &in6p->in6p_route, flags, in6p->in6p_moptions, NULL); break; diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c index f1bf3a9..1c1fdb04 100644 --- a/sys/netinet6/udp6_usrreq.c +++ b/sys/netinet6/udp6_usrreq.c @@ -104,7 +104,7 @@ #ifdef IPSEC #include <netinet6/ipsec.h> #include <netinet6/ipsec6.h> -#endif /*IPSEC*/ +#endif /* IPSEC */ /* * UDP protocol inplementation. @@ -218,7 +218,7 @@ udp6_input(mp, offp, proto) init_sin6(&udp_in6, m); /* general init */ udp_in6.sin6_port = uh->uh_sport; /* - * KAME note: usually we drop udphdr from mbuf here. + * KAME note: traditionally we dropped udpiphdr from mbuf here. * We need udphdr for IPsec processing so we do that later. */ @@ -257,7 +257,7 @@ udp6_input(mp, offp, proto) ipsec6stat.in_polvio++; /* do not inject data into pcb */ else -#endif /*IPSEC*/ +#endif /* IPSEC */ if ((n = m_copy(m, 0, M_COPYALL)) != NULL) { /* * KAME NOTE: do not @@ -316,7 +316,7 @@ udp6_input(mp, offp, proto) ipsec6stat.in_polvio++; goto bad; } -#endif /*IPSEC*/ +#endif /* IPSEC */ if (last->in6p_flags & IN6P_CONTROLOPTS || last->in6p_socket->so_options & SO_TIMESTAMP) ip6_savecontrol(last, &opts, ip6, m); @@ -364,7 +364,7 @@ udp6_input(mp, offp, proto) ipsec6stat.in_polvio++; goto bad; } -#endif /*IPSEC*/ +#endif /* IPSEC */ /* * Construct sockaddr format source address. @@ -616,7 +616,6 @@ udp6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) return error; } } - if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) return EISCONN; s = splnet(); diff --git a/sys/netkey/key.h b/sys/netkey/key.h index ed03ba4..4cbe358 100644 --- a/sys/netkey/key.h +++ b/sys/netkey/key.h @@ -1,5 +1,5 @@ /* $FreeBSD$ */ -/* $KAME: key.h,v 1.20 2001/03/22 08:09:32 itojun Exp $ */ +/* $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. diff --git a/sys/netkey/key_debug.c b/sys/netkey/key_debug.c index 8e7c5d9..25dcce3 100644 --- a/sys/netkey/key_debug.c +++ b/sys/netkey/key_debug.c @@ -678,7 +678,7 @@ void kdebug_sockaddr(addr) struct sockaddr *addr; { - struct sockaddr_in *sin; + struct sockaddr_in *sin4; #ifdef INET6 struct sockaddr_in6 *sin6; #endif @@ -692,9 +692,9 @@ kdebug_sockaddr(addr) switch (addr->sa_family) { case AF_INET: - sin = (struct sockaddr_in *)addr; - printf(" port=%u\n", ntohs(sin->sin_port)); - ipsec_hexdump((caddr_t)&sin->sin_addr, sizeof(sin->sin_addr)); + sin4 = (struct sockaddr_in *)addr; + printf(" port=%u\n", ntohs(sin4->sin_port)); + ipsec_hexdump((caddr_t)&sin4->sin_addr, sizeof(sin4->sin_addr)); break; #ifdef INET6 case AF_INET6: diff --git a/usr.sbin/faithd/README b/usr.sbin/faithd/README index 2ad0592..5bcc30d 100644 --- a/usr.sbin/faithd/README +++ b/usr.sbin/faithd/README @@ -1,7 +1,7 @@ Configuring FAITH IPv6-to-IPv4 TCP relay Kazu Yamamoto and Jun-ichiro itojun Hagino -$KAME: README,v 1.7 2001/04/25 11:25:19 itojun Exp $ +$KAME: README,v 1.8 2001/09/05 03:04:20 itojun Exp $ $FreeBSD$ Introduction diff --git a/usr.sbin/faithd/faithd.8 b/usr.sbin/faithd/faithd.8 index 702dbde..c4de0e0 100644 --- a/usr.sbin/faithd/faithd.8 +++ b/usr.sbin/faithd/faithd.8 @@ -1,4 +1,4 @@ -.\" $KAME: faithd.8,v 1.30 2001/05/24 20:47:56 itojun Exp $ +.\" $KAME: faithd.8,v 1.33 2001/09/05 03:04:20 itojun Exp $ .\" .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. .\" All rights reserved. @@ -267,6 +267,9 @@ permit the connection. .Pp The directives are evaluated in sequence, and the first matching entry will be effective. +If there is no match +.Pq if we reach the end of the ruleset +the traffic will be denied. .Pp With inetd mode, traffic may be filtered by using access control functionality in @@ -297,15 +300,15 @@ as follows: If you would like to provide local telnet service via .Xr telnetd 8 on -.Pa /usr/local/v6/libexec/telnetd , +.Pa /usr/libexec/telnetd , use the following command line: .Bd -literal -offset -# faithd telnet /usr/local/v6/libexec/telnetd telnetd +# faithd telnet /usr/libexec/telnetd telnetd .Ed .Pp If you would like to pass extra arguments to the local daemon: .Bd -literal -offset -# faithd ftp /usr/local/v6/libexec/ftpd ftpd -l +# faithd ftp /usr/libexec/ftpd ftpd -l .Ed .Pp Here are some other examples. @@ -314,8 +317,8 @@ You may need to translate rsh/rlogin services. .Bd -literal -offset # faithd ssh -# faithd login /usr/local/v6/libexec/rlogin rlogind -# faithd shell /usr/local/v6/libexec/rshd rshd +# faithd login /usr/libexec/rlogin rlogind +# faithd shell /usr/libexec/rshd rshd .Ed .Pp However, you should be careful when translating rlogin or rsh @@ -377,9 +380,9 @@ on error. .%A Jun-ichiro itojun Hagino .%A Kazu Yamamoto .%T "An IPv6-to-IPv4 transport relay translator" -.%R internet draft -.%N draft-ietf-ngtrans-tcpudp-relay-04.txt -.%O work in progress material +.%B RFC3142 +.%O ftp://ftp.isi.edu/in-notes/rfc3142.txt +.%D June 2001 .Re .\" .Sh HISTORY diff --git a/usr.sbin/faithd/faithd.c b/usr.sbin/faithd/faithd.c index 2f02da1..09fac11 100644 --- a/usr.sbin/faithd/faithd.c +++ b/usr.sbin/faithd/faithd.c @@ -1,4 +1,4 @@ -/* $KAME: faithd.c,v 1.39 2001/04/25 11:20:42 itojun Exp $ */ +/* $KAME: faithd.c,v 1.46 2002/01/24 16:40:42 sumikawa Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -35,9 +35,8 @@ * User level translator from IPv6 to IPv4. * * Usage: faithd [<port> <progpath> <arg1(progname)> <arg2> ...] - * e.g. faithd telnet /usr/local/v6/sbin/telnetd telnetd + * e.g. faithd telnet /usr/libexec/telnetd telnetd */ -#define HAVE_GETIFADDRS #include <sys/param.h> #include <sys/types.h> @@ -73,9 +72,7 @@ #include <netinet/in.h> #include <arpa/inet.h> #include <netdb.h> -#ifdef HAVE_GETIFADDRS #include <ifaddrs.h> -#endif #ifdef FAITH4 #include <resolv.h> @@ -98,7 +95,7 @@ struct myaddrs { struct sockaddr *addr; }; struct myaddrs *myaddrs = NULL; -static char *service; +static const char *service; #ifdef USE_ROUTE static int sockfd = 0; #endif @@ -122,9 +119,6 @@ static void sig_terminate __P((int)); static void start_daemon __P((void)); static void exit_stderr __P((const char *, ...)) __attribute__((__format__(__printf__, 1, 2))); -#ifndef HAVE_GETIFADDRS -static unsigned int if_maxindex __P((void)); -#endif static void grab_myaddrs __P((void)); static void free_myaddrs __P((void)); static void update_myaddrs __P((void)); @@ -178,19 +172,19 @@ inetd_main(int argc, char **argv) sockfd = socket(PF_ROUTE, SOCK_RAW, PF_UNSPEC); if (sockfd < 0) { - exit_failure("socket(PF_ROUTE): %s", ERRSTR); + exit_failure("socket(PF_ROUTE): %s", strerror(errno)); /*NOTREACHED*/ } #endif melen = sizeof(me); if (getsockname(STDIN_FILENO, (struct sockaddr *)&me, &melen) < 0) { - exit_failure("getsockname: %s", ERRSTR); + exit_failure("getsockname: %s", strerror(errno)); /*NOTREACHED*/ } fromlen = sizeof(from); if (getpeername(STDIN_FILENO, (struct sockaddr *)&from, &fromlen) < 0) { - exit_failure("getpeername: %s", ERRSTR); + exit_failure("getpeername: %s", strerror(errno)); /*NOTREACHED*/ } if (getnameinfo((struct sockaddr *)&me, melen, NULL, 0, @@ -218,7 +212,7 @@ inetd_main(int argc, char **argv) error = setsockopt(STDIN_FILENO, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on)); if (error < 0) { - exit_failure("setsockopt(SO_OOBINLINE): %s", ERRSTR); + exit_failure("setsockopt(SO_OOBINLINE): %s", strerror(errno)); /*NOTREACHED*/ } @@ -325,17 +319,18 @@ daemon_main(int argc, char **argv) hints.ai_protocol = 0; error = getaddrinfo(NULL, service, &hints, &res); if (error) - exit_stderr("getaddrinfo: %s", gai_strerror(error)); + exit_failure("getaddrinfo: %s", gai_strerror(error)); s_wld = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (s_wld == -1) - exit_stderr("socket: %s", ERRSTR); + exit_failure("socket: %s", strerror(errno)); #ifdef IPV6_FAITH if (res->ai_family == AF_INET6) { error = setsockopt(s_wld, IPPROTO_IPV6, IPV6_FAITH, &on, sizeof(on)); if (error == -1) - exit_stderr("setsockopt(IPV6_FAITH): %s", ERRSTR); + exit_failure("setsockopt(IPV6_FAITH): %s", + strerror(errno)); } #endif #ifdef FAITH4 @@ -343,31 +338,32 @@ daemon_main(int argc, char **argv) if (res->ai_family == AF_INET) { error = setsockopt(s_wld, IPPROTO_IP, IP_FAITH, &on, sizeof(on)); if (error == -1) - exit_stderr("setsockopt(IP_FAITH): %s", ERRSTR); + exit_failure("setsockopt(IP_FAITH): %s", + strerror(errno)); } #endif #endif /* FAITH4 */ error = setsockopt(s_wld, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); if (error == -1) - exit_stderr("setsockopt(SO_REUSEADDR): %s", ERRSTR); + exit_failure("setsockopt(SO_REUSEADDR): %s", strerror(errno)); error = setsockopt(s_wld, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on)); if (error == -1) - exit_stderr("setsockopt(SO_OOBINLINE): %s", ERRSTR); + exit_failure("setsockopt(SO_OOBINLINE): %s", strerror(errno)); error = bind(s_wld, (struct sockaddr *)res->ai_addr, res->ai_addrlen); if (error == -1) - exit_stderr("bind: %s", ERRSTR); + exit_failure("bind: %s", strerror(errno)); error = listen(s_wld, 5); if (error == -1) - exit_stderr("listen: %s", ERRSTR); + exit_failure("listen: %s", strerror(errno)); #ifdef USE_ROUTE sockfd = socket(PF_ROUTE, SOCK_RAW, PF_UNSPEC); if (sockfd < 0) { - exit_stderr("socket(PF_ROUTE): %s", ERRSTR); + exit_failure("socket(PF_ROUTE): %s", strerror(errno)); /*NOTREACHED*/ } #endif @@ -419,7 +415,7 @@ again: if (error < 0) { if (errno == EINTR) goto again; - exit_failure("select: %s", ERRSTR); + exit_failure("select: %s", strerror(errno)); /*NOTREACHED*/ } @@ -433,7 +429,7 @@ again: s_src = accept(s_wld, (struct sockaddr *)&srcaddr, &len); if (s_src == -1) { - exit_failure("socket: %s", ERRSTR); + exit_failure("socket: %s", strerror(errno)); /*NOTREACHED*/ } @@ -462,9 +458,9 @@ play_child(int s_src, struct sockaddr *srcaddr) { struct sockaddr_storage dstaddr6; struct sockaddr_storage dstaddr4; - char src[MAXHOSTNAMELEN]; - char dst6[MAXHOSTNAMELEN]; - char dst4[MAXHOSTNAMELEN]; + char src[NI_MAXHOST]; + char dst6[NI_MAXHOST]; + char dst4[NI_MAXHOST]; int len = sizeof(dstaddr6); int s_dst, error, hport, nresvport, on = 1; struct timeval tv; @@ -480,7 +476,7 @@ play_child(int s_src, struct sockaddr *srcaddr) error = getsockname(s_src, (struct sockaddr *)&dstaddr6, &len); if (error == -1) { - exit_failure("getsockname: %s", ERRSTR); + exit_failure("getsockname: %s", strerror(errno)); /*NOTREACHED*/ } @@ -501,7 +497,8 @@ play_child(int s_src, struct sockaddr *srcaddr) dup2(0, 2); } execv(serverpath, serverarg); - syslog(LOG_ERR, "execv %s: %s", serverpath, ERRSTR); + syslog(LOG_ERR, "execv %s: %s", serverpath, + strerror(errno)); _exit(EXIT_FAILURE); } else { close(s_src); @@ -579,38 +576,38 @@ play_child(int s_src, struct sockaddr *srcaddr) break; } if (s_dst < 0) { - exit_failure("socket: %s", ERRSTR); + exit_failure("socket: %s", strerror(errno)); /*NOTREACHED*/ } if (conf->src.a.ss_family) { - if (bind(s_dst, (struct sockaddr *)&conf->src.a, + if (bind(s_dst, (const struct sockaddr *)&conf->src.a, conf->src.a.ss_len) < 0) { - exit_failure("bind: %s", ERRSTR); + exit_failure("bind: %s", strerror(errno)); /*NOTREACHED*/ } } error = setsockopt(s_dst, SOL_SOCKET, SO_OOBINLINE, &on, sizeof(on)); if (error < 0) { - exit_failure("setsockopt(SO_OOBINLINE): %s", ERRSTR); + exit_failure("setsockopt(SO_OOBINLINE): %s", strerror(errno)); /*NOTREACHED*/ } error = setsockopt(s_src, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)); if (error < 0) { - exit_failure("setsockopt(SO_SNDTIMEO): %s", ERRSTR); + exit_failure("setsockopt(SO_SNDTIMEO): %s", strerror(errno)); /*NOTREACHED*/ } error = setsockopt(s_dst, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)); if (error < 0) { - exit_failure("setsockopt(SO_SNDTIMEO): %s", ERRSTR); + exit_failure("setsockopt(SO_SNDTIMEO): %s", strerror(errno)); /*NOTREACHED*/ } error = connect(s_dst, sa4, sa4->sa_len); if (error < 0) { - exit_failure("connect: %s", ERRSTR); + exit_failure("connect: %s", strerror(errno)); /*NOTREACHED*/ } @@ -653,7 +650,7 @@ faith_prefix(struct sockaddr *dst) mib[3] = IPV6CTL_FAITH_PREFIX; size = sizeof(struct in6_addr); if (sysctl(mib, 4, &faith_prefix, &size, NULL, 0) < 0) { - exit_failure("sysctl: %s", ERRSTR); + exit_failure("sysctl: %s", strerror(errno)); /*NOTREACHED*/ } @@ -749,7 +746,8 @@ map4to6(struct sockaddr_in *dst4, struct sockaddr_in6 *dst6) hints.ai_protocol = 0; if ((ai_errno = getaddrinfo(host, serv, &hints, &res)) != 0) { - syslog(LOG_INFO, "%s %s: %s", host, serv, gai_strerror(ai_errno)); + syslog(LOG_INFO, "%s %s: %s", host, serv, + gai_strerror(ai_errno)); return 0; } @@ -787,7 +785,7 @@ start_daemon(void) #endif if (daemon(0, 0) == -1) - exit_stderr("daemon: %s", ERRSTR); + exit_stderr("daemon: %s", strerror(errno)); #ifdef SA_NOCLDWAIT memset(&sa, 0, sizeof(sa)); @@ -797,13 +795,13 @@ start_daemon(void) sigaction(SIGCHLD, &sa, (struct sigaction *)0); #else if (signal(SIGCHLD, sig_child) == SIG_ERR) { - exit_failure("signal CHLD: %s", ERRSTR); + exit_failure("signal CHLD: %s", strerror(errno)); /*NOTREACHED*/ } #endif if (signal(SIGTERM, sig_terminate) == SIG_ERR) { - exit_failure("signal TERM: %s", ERRSTR); + exit_failure("signal TERM: %s", strerror(errno)); /*NOTREACHED*/ } } @@ -848,27 +846,9 @@ exit_success(const char *fmt, ...) } #ifdef USE_ROUTE -#ifndef HAVE_GETIFADDRS -static unsigned int -if_maxindex() -{ - struct if_nameindex *p, *p0; - unsigned int max = 0; - - p0 = if_nameindex(); - for (p = p0; p && p->if_index && p->if_name; p++) { - if (max < p->if_index) - max = p->if_index; - } - if_freenameindex(p0); - return max; -} -#endif - static void grab_myaddrs() { -#ifdef HAVE_GETIFADDRS struct ifaddrs *ifap, *ifa; struct myaddrs *p; struct sockaddr_in6 *sin6; @@ -920,94 +900,6 @@ grab_myaddrs() } freeifaddrs(ifap); -#else - int s; - unsigned int maxif; - struct ifreq *iflist; - struct ifconf ifconf; - struct ifreq *ifr, *ifrp, *ifr_end; - struct myaddrs *p; - struct sockaddr_in6 *sin6; - size_t siz; - char ifrbuf[sizeof(struct ifreq) + 1024]; - - maxif = if_maxindex() + 1; - iflist = (struct ifreq *)malloc(maxif * BUFSIZ); /* XXX */ - if (!iflist) { - exit_failure("not enough core"); - /*NOTREACHED*/ - } - - if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { - exit_failure("socket(SOCK_DGRAM)"); - /*NOTREACHED*/ - } - memset(&ifconf, 0, sizeof(ifconf)); - ifconf.ifc_req = iflist; - ifconf.ifc_len = maxif * BUFSIZ; /* XXX */ - if (ioctl(s, SIOCGIFCONF, &ifconf) < 0) { - exit_failure("ioctl(SIOCGIFCONF)"); - /*NOTREACHED*/ - } - close(s); - - /* Look for this interface in the list */ - ifr_end = (struct ifreq *) (ifconf.ifc_buf + ifconf.ifc_len); - for (ifrp = ifconf.ifc_req; - ifrp < ifr_end; - ifrp = (struct ifreq *)((char *)ifrp + siz)) { - memcpy(ifrbuf, ifrp, sizeof(*ifrp)); - ifr = (struct ifreq *)ifrbuf; - siz = ifr->ifr_addr.sa_len; - if (siz < sizeof(ifr->ifr_addr)) - siz = sizeof(ifr->ifr_addr); - siz += (sizeof(*ifrp) - sizeof(ifr->ifr_addr)); - if (siz > sizeof(ifrbuf)) { - /* ifr too big */ - break; - } - memcpy(ifrbuf, ifrp, siz); - - switch (ifr->ifr_addr.sa_family) { - case AF_INET: - case AF_INET6: - p = (struct myaddrs *)malloc(sizeof(struct myaddrs) - + ifr->ifr_addr.sa_len); - if (!p) { - exit_failure("not enough core"); - /*NOTREACHED*/ - } - memcpy(p + 1, &ifr->ifr_addr, ifr->ifr_addr.sa_len); - p->next = myaddrs; - p->addr = (struct sockaddr *)(p + 1); -#ifdef __KAME__ - if (ifr->ifr_addr.sa_family == AF_INET6) { - sin6 = (struct sockaddr_in6 *)p->addr; - if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) - || IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) { - sin6->sin6_scope_id = - ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); - sin6->sin6_addr.s6_addr[2] = 0; - sin6->sin6_addr.s6_addr[3] = 0; - } - } -#endif - myaddrs = p; - if (dflag) { - char hbuf[NI_MAXHOST]; - getnameinfo(p->addr, p->addr->sa_len, - hbuf, sizeof(hbuf), NULL, 0, - NI_NUMERICHOST); - syslog(LOG_INFO, "my interface: %s %s", hbuf, ifr->ifr_name); - } - break; - default: - break; - } - } - - free(iflist); -#endif } static void diff --git a/usr.sbin/faithd/faithd.h b/usr.sbin/faithd/faithd.h index 8a5021b..0efb2b8 100644 --- a/usr.sbin/faithd/faithd.h +++ b/usr.sbin/faithd/faithd.h @@ -1,4 +1,4 @@ -/* $KAME: faithd.h,v 1.6 2000/10/05 22:20:37 itojun Exp $ */ +/* $KAME: faithd.h,v 1.8 2001/09/05 03:04:21 itojun Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -69,6 +69,4 @@ extern void exit_failure __P((const char *, ...)) #define UC(b) (((int)b)&0xff) -#define ERRSTR strerror(errno) - #define FAITH_TIMEOUT (30 * 60) /*second*/ diff --git a/usr.sbin/faithd/ftp.c b/usr.sbin/faithd/ftp.c index 851409f..e086de6 100644 --- a/usr.sbin/faithd/ftp.c +++ b/usr.sbin/faithd/ftp.c @@ -1,4 +1,4 @@ -/* $KAME: ftp.c,v 1.10 2000/09/14 00:23:39 itojun Exp $ */ +/* $KAME: ftp.c,v 1.11 2001/07/02 14:36:49 itojun Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -103,7 +103,7 @@ ftp_relay(int ctl6, int ctl4) error = select(256, &readfds, NULL, NULL, &tv); if (error == -1) - exit_failure("select: %s", ERRSTR); + exit_failure("select: %s", strerror(errno)); else if (error == 0) exit_failure("connection timeout"); @@ -200,7 +200,7 @@ ftp_relay(int ctl6, int ctl4) } bad: - exit_failure(ERRSTR); + exit_failure("%s", strerror(errno)); } static int @@ -330,7 +330,7 @@ ftp_copy(int src, int dst) } bad: - exit_failure(ERRSTR); + exit_failure("%s", strerror(errno)); /*NOTREACHED*/ return 0; /* to make gcc happy */ } @@ -504,7 +504,7 @@ passivefail: error = setsockopt(wport6, IPPROTO_IPV6, IPV6_FAITH, &on, sizeof(on)); if (error == -1) - exit_failure("setsockopt(IPV6_FAITH): %s", ERRSTR); + exit_failure("setsockopt(IPV6_FAITH): %s", strerror(errno)); } #endif error = bind(wport6, (struct sockaddr *)sin6, sin6->sin6_len); @@ -626,7 +626,7 @@ passivefail2: error = setsockopt(wport6, IPPROTO_IP, IP_FAITH, &on, sizeof(on)); if (error == -1) - exit_error("setsockopt(IP_FAITH): %s", ERRSTR); + exit_error("setsockopt(IP_FAITH): %s", strerror(errno)); } #endif error = bind(wport6, (struct sockaddr *)sin, sin->sin_len); @@ -685,7 +685,7 @@ passivefail2: } bad: - exit_failure(ERRSTR); + exit_failure("%s", strerror(errno)); /*NOTREACHED*/ return 0; /* to make gcc happy */ } @@ -1119,7 +1119,7 @@ portfail: } bad: - exit_failure(ERRSTR); + exit_failure("%s", strerror(errno)); /*NOTREACHED*/ return 0; /* to make gcc happy */ } diff --git a/usr.sbin/faithd/prefix.c b/usr.sbin/faithd/prefix.c index 739ae56..a13c640 100644 --- a/usr.sbin/faithd/prefix.c +++ b/usr.sbin/faithd/prefix.c @@ -1,4 +1,4 @@ -/* $KAME: prefix.c,v 1.8 2000/11/24 06:16:56 itojun Exp $ */ +/* $KAME: prefix.c,v 1.9 2001/07/02 14:36:49 itojun Exp $ */ /* $FreeBSD$ */ /* @@ -136,8 +136,8 @@ prefix_string(prefix) static char buf[NI_MAXHOST + 20]; char hbuf[NI_MAXHOST]; - if (getnameinfo((struct sockaddr *)&prefix->a, prefix->a.ss_len, hbuf, - sizeof(hbuf), NULL, 0, niflags)) + if (getnameinfo((const struct sockaddr *)&prefix->a, prefix->a.ss_len, + hbuf, sizeof(hbuf), NULL, 0, niflags)) return NULL; snprintf(buf, sizeof(buf), "%s/%d", hbuf, prefix->l); return buf; diff --git a/usr.sbin/faithd/prefix.h b/usr.sbin/faithd/prefix.h index 3ef56e3..2a29639 100644 --- a/usr.sbin/faithd/prefix.h +++ b/usr.sbin/faithd/prefix.h @@ -1,4 +1,4 @@ -/* $KAME: prefix.h,v 1.3 2000/11/19 11:45:38 itojun Exp $ */ +/* $KAME: prefix.h,v 1.4 2001/09/05 03:04:21 itojun Exp $ */ /* $FreeBSD$ */ /* diff --git a/usr.sbin/faithd/rsh.c b/usr.sbin/faithd/rsh.c index 4e11d76..ab8e623e 100644 --- a/usr.sbin/faithd/rsh.c +++ b/usr.sbin/faithd/rsh.c @@ -1,4 +1,4 @@ -/* $KAME: rsh.c,v 1.5 2001/02/15 17:28:04 itojun Exp $ */ +/* $KAME: rsh.c,v 1.7 2001/09/05 01:10:30 itojun Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -69,7 +69,7 @@ rsh_relay(int s_src, int s_dst) tv.tv_usec = 0; error = select(256, &readfds, NULL, NULL, &tv); if (error == -1) - exit_failure("select %d: %s", s_src, ERRSTR); + exit_failure("select %d: %s", s_src, strerror(errno)); else if (error == 0) exit_failure("connection timeout"); @@ -102,7 +102,7 @@ relay(int src, int dst) switch (n) { case -1: - exit_failure(ERRSTR); + exit_failure("%s", strerror(errno)); case 0: if (s_rcv == src) { /* half close */ @@ -180,7 +180,7 @@ rsh_dual_relay(int s_src, int s_dst) error = select(256, &readfds, NULL, NULL, &tv); if (error == -1) - exit_failure("select 4 sockets: %s", ERRSTR); + exit_failure("select 4 sockets: %s", strerror(errno)); else if (error == 0) exit_failure("connection timeout"); @@ -208,5 +208,5 @@ rsh_dual_relay(int s_src, int s_dst) /* NOTREACHED */ bad: - exit_failure(ERRSTR); + exit_failure("%s", strerror(errno)); } diff --git a/usr.sbin/faithd/tcp.c b/usr.sbin/faithd/tcp.c index c754dfc..68a2f51 100644 --- a/usr.sbin/faithd/tcp.c +++ b/usr.sbin/faithd/tcp.c @@ -1,4 +1,4 @@ -/* $KAME: tcp.c,v 1.5 2000/09/29 03:48:31 sakane Exp $ */ +/* $KAME: tcp.c,v 1.8 2001/11/21 07:40:22 itojun Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -60,7 +60,7 @@ static fd_set readfds, writefds, exceptfds; static char atmark_buf[2]; static pid_t cpid = (pid_t)0; static pid_t ppid = (pid_t)0; -static time_t child_lastactive = (time_t)0; +volatile time_t child_lastactive = (time_t)0; static time_t parent_lastactive = (time_t)0; static void sig_ctimeout __P((int)); @@ -179,7 +179,7 @@ send_data(int s_rcv, int s_snd, const char *service, int direction) return; retry_or_err: if (errno != EAGAIN) - exit_failure("writing relay data failed: %s", ERRSTR); + exit_failure("writing relay data failed: %s", strerror(errno)); FD_SET(s_snd, &writefds); } @@ -210,7 +210,7 @@ relay(int s_rcv, int s_snd, const char *service, int direction) if (error == -1) { if (errno == EINTR) continue; - exit_failure("select: %s", ERRSTR); + exit_failure("select: %s", strerror(errno)); } else if (error == 0) { readfds = oreadfds; writefds = owritefds; @@ -237,7 +237,7 @@ relay(int s_rcv, int s_snd, const char *service, int direction) goto oob_read_retry; exit_failure("reading oob data failed" ": %s", - ERRSTR); + strerror(errno)); } } } @@ -251,7 +251,7 @@ relay(int s_rcv, int s_snd, const char *service, int direction) if (errno == EINTR) goto relaydata_read_retry; exit_failure("reading relay data failed: %s", - ERRSTR); + strerror(errno)); /* NOTREACHED */ case 0: /* to close opposite-direction relay process */ @@ -282,7 +282,8 @@ tcp_relay(int s_src, int s_dst, const char *service) cpid = fork(); switch (cpid) { case -1: - exit_failure("tcp_relay: can't fork grand child: %s", ERRSTR); + exit_failure("tcp_relay: can't fork grand child: %s", + strerror(errno)); /* NOTREACHED */ case 0: /* child process: relay going traffic */ |
