diff options
author | sam <sam@FreeBSD.org> | 2003-09-29 22:57:43 +0000 |
---|---|---|
committer | sam <sam@FreeBSD.org> | 2003-09-29 22:57:43 +0000 |
commit | 0a6c1d4242d4d23328bf77b152fe0864e2db7f35 (patch) | |
tree | 8a7531562577bbc1732a8f3b1aa8301245449cab /sys/netipsec/xform_ipip.c | |
parent | 9dc7c620e432a011a3fdcfb8183076ad041baeac (diff) | |
download | FreeBSD-src-0a6c1d4242d4d23328bf77b152fe0864e2db7f35.zip FreeBSD-src-0a6c1d4242d4d23328bf77b152fe0864e2db7f35.tar.gz |
MFp4: portability work, general cleanup, locking fixes
change 38496
o add ipsec_osdep.h that holds os-specific definitions for portability
o s/KASSERT/IPSEC_ASSERT/ for portability
o s/SPLASSERT/IPSEC_SPLASSERT/ for portability
o remove function names from ASSERT strings since line#+file pinpints
the location
o use __func__ uniformly to reduce string storage
o convert some random #ifdef DIAGNOSTIC code to assertions
o remove some debuggging assertions no longer needed
change 38498
o replace numerous bogus panic's with equally bogus assertions
that at least go away on a production system
change 38502 + 38530
o change explicit mtx operations to #defines to simplify
future changes to a different lock type
change 38531
o hookup ipv4 ctlinput paths to a noop routine; we should be
handling path mtu changes at least
o correct potential null pointer deref in ipsec4_common_input_cb
chnage 38685
o fix locking for bundled SA's and for when key exchange is required
change 38770
o eliminate recursion on the SAHTREE lock
change 38804
o cleanup some types: long -> time_t
o remove refrence to dead #define
change 38805
o correct some types: long -> time_t
o add scan generation # to secpolicy to deal with locking issues
change 38806
o use LIST_FOREACH_SAFE instead of handrolled code
o change key_flush_spd to drop the sptree lock before purging
an entry to avoid lock recursion and to avoid holding the lock
over a long-running operation
o misc cleanups of tangled and twisty code
There is still much to do here but for now things look to be
working again.
Supported by: FreeBSD Foundation
Diffstat (limited to 'sys/netipsec/xform_ipip.c')
-rw-r--r-- | sys/netipsec/xform_ipip.c | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/sys/netipsec/xform_ipip.c b/sys/netipsec/xform_ipip.c index 11ec9b9..a845322 100644 --- a/sys/netipsec/xform_ipip.c +++ b/sys/netipsec/xform_ipip.c @@ -114,7 +114,7 @@ ip4_input6(struct mbuf **m, int *offp, int proto) #if 0 /* If we do not accept IP-in-IP explicitly, drop. */ if (!ipip_allow && ((*m)->m_flags & M_IPSEC) == 0) { - DPRINTF(("ip4_input6: dropped due to policy\n")); + DPRINTF(("%s: dropped due to policy\n", __func__)); ipipstat.ipips_pdrops++; m_freem(*m); return IPPROTO_DONE; @@ -138,7 +138,7 @@ ip4_input(struct mbuf *m, ...) #if 0 /* If we do not accept IP-in-IP explicitly, drop. */ if (!ipip_allow && (m->m_flags & M_IPSEC) == 0) { - DPRINTF(("ip4_input: dropped due to policy\n")); + DPRINTF(("%s: dropped due to policy\n", __func__)); ipipstat.ipips_pdrops++; m_freem(m); return; @@ -201,7 +201,7 @@ _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) /* Bring the IP header in the first mbuf, if not there already */ if (m->m_len < hlen) { if ((m = m_pullup(m, hlen)) == NULL) { - DPRINTF(("ipip_input: m_pullup (1) failed\n")); + DPRINTF(("%s: m_pullup (1) failed\n", __func__)); ipipstat.ipips_hdrops++; return; } @@ -269,7 +269,7 @@ _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) */ if (m->m_len < hlen) { if ((m = m_pullup(m, hlen)) == NULL) { - DPRINTF(("ipip_input: m_pullup (2) failed\n")); + DPRINTF(("%s: m_pullup (2) failed\n", __func__)); ipipstat.ipips_hdrops++; return; } @@ -376,12 +376,13 @@ _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) break; #endif default: - panic("ipip_input: should never reach here"); + panic("%s: bogus ip version %u", __func__, v>>4); } if (!netisr_queue(isr, m)) { ipipstat.ipips_qfull++; - DPRINTF(("ipip_input: packet dropped because of full queue\n")); + DPRINTF(("%s: packet dropped because of full queue\n", + __func__)); } } @@ -406,13 +407,11 @@ ipip_output( struct ip6_hdr *ip6, *ip6o; #endif /* INET6 */ -#if 0 - SPLASSERT(net, "ipip_output"); -#endif + IPSEC_SPLASSERT_SOFTNET(__func__); sav = isr->sav; - KASSERT(sav != NULL, ("ipip_output: null SA")); - KASSERT(sav->sah != NULL, ("ipip_output: null SAH")); + IPSEC_ASSERT(sav != NULL, ("null SA")); + IPSEC_ASSERT(sav->sah != NULL, ("null SAH")); /* XXX Deal with empty TDB source/destination addresses. */ @@ -426,8 +425,8 @@ ipip_output( if (saidx->src.sa.sa_family != AF_INET || saidx->src.sin.sin_addr.s_addr == INADDR_ANY || saidx->dst.sin.sin_addr.s_addr == INADDR_ANY) { - DPRINTF(("ipip_output: unspecified tunnel endpoint " - "address in SA %s/%08lx\n", + DPRINTF(("%s: unspecified tunnel endpoint " + "address in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst), (u_long) ntohl(sav->spi))); ipipstat.ipips_unspec++; @@ -437,7 +436,7 @@ ipip_output( M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); if (m == 0) { - DPRINTF(("ipip_output: M_PREPEND failed\n")); + DPRINTF(("%s: M_PREPEND failed\n", __func__)); ipipstat.ipips_hdrops++; error = ENOBUFS; goto bad; @@ -507,8 +506,8 @@ ipip_output( if (IN6_IS_ADDR_UNSPECIFIED(&saidx->dst.sin6.sin6_addr) || saidx->src.sa.sa_family != AF_INET6 || IN6_IS_ADDR_UNSPECIFIED(&saidx->src.sin6.sin6_addr)) { - DPRINTF(("ipip_output: unspecified tunnel endpoint " - "address in SA %s/%08lx\n", + DPRINTF(("%s: unspecified tunnel endpoint " + "address in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst), (u_long) ntohl(sav->spi))); ipipstat.ipips_unspec++; @@ -525,7 +524,7 @@ ipip_output( M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT); if (m == 0) { - DPRINTF(("ipip_output: M_PREPEND failed\n")); + DPRINTF(("%s: M_PREPEND failed\n", __func__)); ipipstat.ipips_hdrops++; *mp = NULL; error = ENOBUFS; @@ -575,7 +574,7 @@ ipip_output( default: nofamily: - DPRINTF(("ipip_output: unsupported protocol family %u\n", + DPRINTF(("%s: unsupported protocol family %u\n", __func__, saidx->dst.sa.sa_family)); ipipstat.ipips_family++; error = EAFNOSUPPORT; /* XXX diffs from openbsd */ @@ -634,7 +633,7 @@ static int ipe4_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) { /* This is a rather serious mistake, so no conditional printing. */ - printf("ipe4_input: should never be called\n"); + printf("%s: should never be called\n", __func__); if (m) m_freem(m); return EOPNOTSUPP; |