Remove in_pcbnotify and use in_pcblookup_hash to find the cb directly.

For TCP, verify that the sequence number in the ICMP packet falls within
the tcp receive window before performing any actions indicated by the
icmp packet.

Clean up some layering violations (access to tcp internals from in_pcb)

1 files changed, 9 insertions, 94 deletions

diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c
index 0a8e952..d87b2a8 100644
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@@ -62,8 +62,6 @@
 #include <netinet/in_pcb.h>
 #include <netinet/in_var.h>
 #include <netinet/ip_var.h>
-#include <netinet/tcp.h>
-#include <netinet/tcp_var.h>
 #ifdef INET6
 #include <netinet/ip6.h>
 #include <netinet6/ip6_var.h>
@@ -657,110 +655,27 @@ in_setpeeraddr(so, nam)
 	return 0;
 }
 
-/*
- * Pass some notification to all connections of a protocol
- * associated with address dst.  The local address and/or port numbers
- * may be specified to limit the search.  The "usual action" will be
- * taken, depending on the ctlinput cmd.  The caller must filter any
- * cmds that are uninteresting (e.g., no error in the map).
- * Call the protocol specific routine (if any) to report
- * any errors for each matching socket.
- *
- * If tcp_seq_check != 0 it also checks if tcp_sequence is
- * a valid TCP sequence number for the session.
- */
 void
-in_pcbnotify(head, dst, fport_arg, laddr, lport_arg, cmd, notify, tcp_sequence, tcp_seq_check)
+in_pcbnotifyall(head, faddr, errno, notify)
 	struct inpcbhead *head;
-	struct sockaddr *dst;
-	u_int fport_arg, lport_arg;
-	struct in_addr laddr;
-	int cmd;
-	void (*notify) __P((struct inpcb *, int));
-	u_int32_t tcp_sequence;
-	int tcp_seq_check;
-{
-	register struct inpcb *inp, *oinp;
 	struct in_addr faddr;
-	u_short fport = fport_arg, lport = lport_arg;
-	int errno, s;
-
-	if ((unsigned)cmd > PRC_NCMDS || dst->sa_family != AF_INET)
-		return;
-	faddr = ((struct sockaddr_in *)dst)->sin_addr;
-	if (faddr.s_addr == INADDR_ANY)
-		return;
-
-	errno = inetctlerrmap[cmd];
-	s = splnet();
-	for (inp = LIST_FIRST(head); inp != NULL;) {
-#ifdef INET6
-		if ((inp->inp_vflag & INP_IPV4) == 0) {
-			inp = LIST_NEXT(inp, inp_list);
-			continue;
-		}
-#endif
-		if (inp->inp_faddr.s_addr != faddr.s_addr ||
-		    inp->inp_socket == 0 || inp->inp_lport != lport ||
-		    inp->inp_laddr.s_addr != laddr.s_addr ||
-		    inp->inp_fport != fport) {
-				inp = LIST_NEXT(inp, inp_list);
-				continue;
-		}
-		/*
-		 * If tcp_seq_check is set, then skip sessions where
-		 * the sequence number is not one of a unacknowledged
-		 * packet.
-		 *
-		 * If it doesn't match, we break the loop, as only a
-		 * single session can match on src/dst ip addresses 
-		 * and TCP port numbers.
-		 */
-		if ((tcp_seq_check == 1) && (tcp_seq_vs_sess(inp, tcp_sequence) == 0))
-			break;
-		oinp = inp;
-		inp = LIST_NEXT(inp, inp_list);
-		if (notify)
-			(*notify)(oinp, errno);
-	}
-	splx(s);
-}
-
-void
-in_pcbnotifyall(head, dst, cmd, notify)
-	struct inpcbhead *head;
-	struct sockaddr *dst;
-	int cmd;
+	int errno;
 	void (*notify) __P((struct inpcb *, int));
 {
-	register struct inpcb *inp, *oinp;
-	struct in_addr faddr;
-	int errno, s;
-
-	if ((unsigned)cmd > PRC_NCMDS || dst->sa_family != AF_INET)
-		return;
-	faddr = ((struct sockaddr_in *)dst)->sin_addr;
-	if (faddr.s_addr == INADDR_ANY)
-		return;
+	struct inpcb *inp, *ninp;
+	int s;
 
-	errno = inetctlerrmap[cmd];
 	s = splnet();
-	for (inp = LIST_FIRST(head); inp != NULL;) {
+	for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) {
+		ninp = LIST_NEXT(inp, inp_list);
 #ifdef INET6
-		if ((inp->inp_vflag & INP_IPV4) == 0) {
-			inp = LIST_NEXT(inp, inp_list);
+		if ((inp->inp_vflag & INP_IPV4) == 0)
 			continue;
-		}
 #endif
 		if (inp->inp_faddr.s_addr != faddr.s_addr ||
-			inp->inp_socket == 0) {
-				inp = LIST_NEXT(inp, inp_list);
+		    inp->inp_socket == NULL)
 				continue;
-		}
-		oinp = inp;
-		inp = LIST_NEXT(inp, inp_list);
-		if (notify)
-			(*notify)(oinp, errno);
+		(*notify)(inp, errno);
 	}
 	splx(s);
 }