Brucification.

Submitted by:	bde

8 files changed, 43 insertions, 38 deletions

diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 4a781e1..17011ca 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -2537,7 +2537,7 @@ tcp_dooptions(to, cp, cnt, is_syn)
 				continue;
 			to->to_flags |= (TOF_SIGNATURE | TOF_SIGLEN);
 			break;
-#endif /* TCP_SIGNATURE */
+#endif
 		default:
 			continue;
 		}
diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c
index 64c7fa6..bfa2364 100644
--- a/sys/netinet/tcp_output.c
+++ b/sys/netinet/tcp_output.c
@@ -118,7 +118,7 @@ tcp_output(struct tcpcb *tp)
 	int off, flags, error;
 #ifdef TCP_SIGNATURE
 	int sigoff = 0;
-#endif /* TCP_SIGNATURE */
+#endif
 	struct mbuf *m;
 	struct ip *ip = NULL;
 	struct ipovly *ipov = NULL;
@@ -787,9 +787,9 @@ send:
 	if (!isipv6)
 #endif
 	if (tp->t_flags & TF_SIGNATURE)
-		tcpsignature_compute(m, sizeof(struct ip), len, optlen,
+		tcp_signature_compute(m, sizeof(struct ip), len, optlen,
 		    (u_char *)(th + 1) + sigoff, IPSEC_DIR_OUTBOUND);
-#endif /* TCP_SIGNATURE */
+#endif
 
 	/*
 	 * Put TCP length in extended header, and then
diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c
index 4a781e1..17011ca 100644
--- a/sys/netinet/tcp_reass.c
+++ b/sys/netinet/tcp_reass.c
@@ -2537,7 +2537,7 @@ tcp_dooptions(to, cp, cnt, is_syn)
 				continue;
 			to->to_flags |= (TOF_SIGNATURE | TOF_SIGLEN);
 			break;
-#endif /* TCP_SIGNATURE */
+#endif
 		default:
 			continue;
 		}
diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index c21e1fe..7feefdc 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -1922,6 +1922,18 @@ tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq)
 
 #ifdef TCP_SIGNATURE
 /*
+ * Callback function invoked by m_apply() to digest TCP segment data
+ * contained within an mbuf chain.
+ */
+static int
+tcp_signature_apply(void *fstate, void *data, u_int len)
+{
+
+	MD5Update((MD5_CTX *)fstate, (unsigned char *)data, (unsigned int)len);
+	return (0);
+}
+
+/*
  * Compute TCP-MD5 hash of a TCPv4 segment. (RFC2385)
  *
  * Parameters:
@@ -1948,7 +1960,7 @@ tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq)
  * specify per-application flows but it is unstable.
  */
 int
-tcpsignature_compute(struct mbuf *m, int off0, int len, int optlen,
+tcp_signature_compute(struct mbuf *m, int off0, int len, int optlen,
     u_char *buf, u_int direction)
 {
 	union sockaddr_union dst;
@@ -2015,7 +2027,7 @@ tcpsignature_compute(struct mbuf *m, int off0, int len, int optlen,
 	 *         Use m_apply() to avoid an early m_pullup().
 	 */
 	if (len > 0)
-		m_apply(m, doff, len, tcpsignature_apply, &ctx);
+		m_apply(m, doff, len, tcp_signature_apply, &ctx);
 
 	/*
 	 * Step 4: Update MD5 hash with shared secret.
@@ -2027,12 +2039,4 @@ tcpsignature_compute(struct mbuf *m, int off0, int len, int optlen,
 	KEY_FREESAV(&sav);
 	return (0);
 }
-
-int
-tcpsignature_apply(void *fstate, void *data, u_int len)
-{
-
-	MD5Update((MD5_CTX *)fstate, (unsigned char *)data, (unsigned int)len);
-	return (0);
-}
 #endif /* TCP_SIGNATURE */
diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c
index 14eb315..d2ed8fc 100644
--- a/sys/netinet/tcp_syncache.c
+++ b/sys/netinet/tcp_syncache.c
@@ -699,7 +699,7 @@ syncache_socket(sc, lso, m)
 #ifdef TCP_SIGNATURE
 	if (sc->sc_flags & SCF_SIGNATURE)
 		tp->t_flags |= TF_SIGNATURE;
-#endif /* TCP_SIGNATURE */
+#endif
 
 	/*
 	 * Set up MSS and get cached values from tcp_hostcache.
@@ -985,7 +985,7 @@ syncache_add(inc, to, th, sop, m)
 	 */
 	if (to->to_flags & TOF_SIGNATURE)
 		sc->sc_flags = SCF_SIGNATURE;
-#endif /* TCP_SIGNATURE */
+#endif
 
 	/*
 	 * XXX
@@ -1100,9 +1100,9 @@ syncache_respond(sc, m)
 		    ((sc->sc_flags & SCF_TIMESTAMP) ? TCPOLEN_TSTAMP_APPA : 0) +
 		    ((sc->sc_flags & SCF_CC) ? TCPOLEN_CC_APPA * 2 : 0);
 #ifdef TCP_SIGNATURE
-		optlen += ((sc->sc_flags & SCF_SIGNATURE) ?
-		    (TCPOLEN_SIGNATURE + 2) : 0);
-#endif /* TCP_SIGNATURE */
+		optlen += (sc->sc_flags & SCF_SIGNATURE) ?
+		    (TCPOLEN_SIGNATURE + 2) : 0;
+#endif
 	}
 	tlen = hlen + sizeof(struct tcphdr) + optlen;
 
@@ -1233,7 +1233,7 @@ syncache_respond(sc, m)
 			*bp++ = TCPOLEN_SIGNATURE;
 			for (i = 0; i < TCP_SIGLEN; i++)
 				*bp++ = 0;
-			tcpsignature_compute(m, sizeof(struct ip), 0, optlen,
+			tcp_signature_compute(m, sizeof(struct ip), 0, optlen,
 			    optp + 2, IPSEC_DIR_OUTBOUND);
 			*bp++ = TCPOPT_NOP;
 			*bp++ = TCPOPT_EOL;
diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c
index c21e1fe..7feefdc 100644
--- a/sys/netinet/tcp_timewait.c
+++ b/sys/netinet/tcp_timewait.c
@@ -1922,6 +1922,18 @@ tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq)
 
 #ifdef TCP_SIGNATURE
 /*
+ * Callback function invoked by m_apply() to digest TCP segment data
+ * contained within an mbuf chain.
+ */
+static int
+tcp_signature_apply(void *fstate, void *data, u_int len)
+{
+
+	MD5Update((MD5_CTX *)fstate, (unsigned char *)data, (unsigned int)len);
+	return (0);
+}
+
+/*
  * Compute TCP-MD5 hash of a TCPv4 segment. (RFC2385)
  *
  * Parameters:
@@ -1948,7 +1960,7 @@ tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq)
  * specify per-application flows but it is unstable.
  */
 int
-tcpsignature_compute(struct mbuf *m, int off0, int len, int optlen,
+tcp_signature_compute(struct mbuf *m, int off0, int len, int optlen,
     u_char *buf, u_int direction)
 {
 	union sockaddr_union dst;
@@ -2015,7 +2027,7 @@ tcpsignature_compute(struct mbuf *m, int off0, int len, int optlen,
 	 *         Use m_apply() to avoid an early m_pullup().
 	 */
 	if (len > 0)
-		m_apply(m, doff, len, tcpsignature_apply, &ctx);
+		m_apply(m, doff, len, tcp_signature_apply, &ctx);
 
 	/*
 	 * Step 4: Update MD5 hash with shared secret.
@@ -2027,12 +2039,4 @@ tcpsignature_compute(struct mbuf *m, int off0, int len, int optlen,
 	KEY_FREESAV(&sav);
 	return (0);
 }
-
-int
-tcpsignature_apply(void *fstate, void *data, u_int len)
-{
-
-	MD5Update((MD5_CTX *)fstate, (unsigned char *)data, (unsigned int)len);
-	return (0);
-}
 #endif /* TCP_SIGNATURE */
diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c
index 6d4e540..4ff4999 100644
--- a/sys/netinet/tcp_usrreq.c
+++ b/sys/netinet/tcp_usrreq.c
@@ -1143,7 +1143,7 @@ tcp_ctloutput(so, sopt)
 		case TCP_SIGNATURE_ENABLE:
 			optval = (tp->t_flags & TF_SIGNATURE) ? 1 : 0;
 			break;
-#endif /* TCP_SIGNATURE */
+#endif
 		case TCP_NODELAY:
 			optval = tp->t_flags & TF_NODELAY;
 			break;
diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h
index 6d46789..e8aa435 100644
--- a/sys/netinet/tcp_var.h
+++ b/sys/netinet/tcp_var.h
@@ -537,6 +537,9 @@ void	 tcp_respond(struct tcpcb *, void *,
 	    struct tcphdr *, struct mbuf *, tcp_seq, tcp_seq, int);
 int	 tcp_twrespond(struct tcptw *, struct socket *, struct mbuf *, int);
 void	 tcp_setpersist(struct tcpcb *);
+#ifdef TCP_SIGNATURE
+int	 tcp_signature_compute(struct mbuf *, int, int, int, u_char *, u_int);
+#endif
 void	 tcp_slowtimo(void);
 struct tcptemp *
 	 tcpip_maketemplate(struct inpcb *);
@@ -568,12 +571,6 @@ void	 tcp_hc_updatetao(struct in_conninfo *, int, tcp_cc, u_short);
 #define TCP_HC_TAO_CCSENT	0x2
 #define TCP_HC_TAO_MSSOPT	0x3
 
-#ifdef TCP_SIGNATURE
-int tcpsignature_apply(void *fstate, void *data, u_int len);
-int tcpsignature_compute(struct mbuf *m, int off0, int len, int tcpoptlen,
-    u_char *buf, u_int direction);
-#endif /* TCP_SIGNATURE */
-
 extern	struct pr_usrreqs tcp_usrreqs;
 extern	u_long tcp_sendspace;
 extern	u_long tcp_recvspace;