diff options
Diffstat (limited to 'sys/contrib/ipfilter/netinet/ip_auth.c')
-rw-r--r-- | sys/contrib/ipfilter/netinet/ip_auth.c | 139 |
1 files changed, 55 insertions, 84 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_auth.c b/sys/contrib/ipfilter/netinet/ip_auth.c index 604d754..fb9910d 100644 --- a/sys/contrib/ipfilter/netinet/ip_auth.c +++ b/sys/contrib/ipfilter/netinet/ip_auth.c @@ -3,7 +3,7 @@ * * See the IPFILTER.LICENCE file for details on licencing. */ -#if defined(__sgi) && (IRIX > 602) +#ifdef __sgi # include <sys/ptimers.h> #endif #include <sys/errno.h> @@ -104,7 +104,8 @@ extern struct ifqueue ipintrq; /* ip packet input queue */ #endif #if !defined(lint) -static const char rcsid[] = "@(#)$Id: ip_auth.c,v 2.11.2.24 2002/12/06 11:40:21 darrenr Exp $"; +/* static const char rcsid[] = "@(#)$Id: ip_auth.c,v 2.11.2.12 2001/07/18 14:57:08 darrenr Exp $"; */ +static const char rcsid[] = "@(#)$FreeBSD$"; #endif @@ -282,6 +283,11 @@ ip_t *ip; bo = ip->ip_len; ip->ip_len = htons(bo); +# if !SOLARIS && !defined(__NetBSD__) && !defined(__FreeBSD__) + /* 4.4BSD converts this ip_input.c, but I don't in solaris.c */ + bo = ip->ip_id; + ip->ip_id = htons(bo); +# endif bo = ip->ip_off; ip->ip_off = htons(bo); } @@ -292,7 +298,7 @@ ip_t *ip; cv_signal(&ipfauthwait); #else # if defined(BSD) && !defined(sparc) && (BSD >= 199306) - if (fin->fin_out == 0) { + if (!fin->fin_out) { ip->ip_len = htons(ip->ip_len); ip->ip_off = htons(ip->ip_off); } @@ -304,7 +310,7 @@ ip_t *ip; } -int fr_auth_ioctl(data, mode, cmd) +int fr_auth_ioctl(data, mode, cmd, fr, frptr) caddr_t data; int mode; #if defined(__NetBSD__) || defined(__OpenBSD__) || (__FreeBSD_version >= 300003) @@ -312,22 +318,19 @@ u_long cmd; #else int cmd; #endif +frentry_t *fr, **frptr; { mb_t *m; #if defined(_KERNEL) && !SOLARIS - struct ifqueue *ifq; int s; #endif frauth_t auth, *au = &auth, *fra; + frauthent_t *fae, **faep; int i, error = 0; switch (cmd) { case SIOCSTLCK : - if (!(mode & FWRITE)) { - error = EPERM; - break; - } error = fr_lock(data, &fr_auth_lock); break; case SIOCINIFR : @@ -340,8 +343,45 @@ int cmd; break; case SIOCRMAFR : case SIOCADAFR : - /* These commands go via request to fr_preauthcmd */ - error = EINVAL; + for (faep = &fae_list; (fae = *faep); ) + if (&fae->fae_fr == fr) + break; + else + faep = &fae->fae_next; + if (cmd == SIOCRMAFR) { + if (!fr || !frptr) + error = EINVAL; + else if (!fae) + error = ESRCH; + else { + WRITE_ENTER(&ipf_auth); + SPL_NET(s); + *faep = fae->fae_next; + *frptr = fr->fr_next; + SPL_X(s); + RWLOCK_EXIT(&ipf_auth); + KFREE(fae); + } + } else if (fr && frptr) { + KMALLOC(fae, frauthent_t *); + if (fae != NULL) { + bcopy((char *)fr, (char *)&fae->fae_fr, + sizeof(*fr)); + WRITE_ENTER(&ipf_auth); + SPL_NET(s); + fae->fae_age = fr_defaultauthage; + fae->fae_fr.fr_hits = 0; + fae->fae_fr.fr_next = *frptr; + *frptr = &fae->fae_fr; + fae->fae_next = *faep; + *faep = fae; + ipauth = &fae_list->fae_fr; + SPL_X(s); + RWLOCK_EXIT(&ipf_auth); + } else + error = ENOMEM; + } else + error = EINVAL; break; case SIOCATHST: fr_authstats.fas_faelist = fae_list; @@ -418,7 +458,8 @@ fr_authioctlloop: bzero((char *)&ro, sizeof(ro)); # if ((_BSDI_VERSION >= 199802) && (_BSDI_VERSION < 200005)) || \ - defined(__OpenBSD__) || (defined(IRIX) && (IRIX >= 605)) + defined(__OpenBSD__) || (defined(IRIX) && (IRIX >= 605)) || \ + (__FreeBSD_version >= 500042) error = ip_output(m, NULL, &ro, IP_FORWARDING, NULL, NULL); # else @@ -436,17 +477,10 @@ fr_authioctlloop: # if SOLARIS error = (fr_qin(fra->fra_q, m) == 0) ? EINVAL : 0; # else /* SOLARIS */ - ifq = &ipintrq; - if (IF_QFULL(ifq)) { - IF_DROP(ifq); - m_freem(m); + if (! IF_HANDOFF(&ipintrq, m, NULL)) error = ENOBUFS; - } else { - IF_ENQUEUE(ifq, m); -# if IRIX < 605 + else schednetisr(NETISR_IP); -# endif - } # endif /* SOLARIS */ if (error) fr_authstats.fas_quefail++; @@ -595,66 +629,3 @@ void fr_authexpire() RWLOCK_EXIT(&ipf_auth); SPL_X(s); } - -int fr_preauthcmd(cmd, fr, frptr) -#if defined(__NetBSD__) || defined(__OpenBSD__) || \ - (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) -u_long cmd; -#else -int cmd; -#endif -frentry_t *fr, **frptr; -{ - frauthent_t *fae, **faep; - int error = 0; -#if defined(KERNEL) && !SOLARIS - int s; -#endif - - if ((cmd != SIOCADAFR) && (cmd != SIOCRMAFR)) { - /* Should not happen */ - printf("fr_preauthcmd called with bad cmd 0x%lx", (u_long)cmd); - return EIO; - } - - for (faep = &fae_list; (fae = *faep); ) - if (&fae->fae_fr == fr) - break; - else - faep = &fae->fae_next; - if (cmd == SIOCRMAFR) { - if (!fr || !frptr) - error = EINVAL; - else if (!fae) - error = ESRCH; - else { - WRITE_ENTER(&ipf_auth); - SPL_NET(s); - *faep = fae->fae_next; - *frptr = fr->fr_next; - SPL_X(s); - RWLOCK_EXIT(&ipf_auth); - KFREE(fae); - } - } else if (fr && frptr) { - KMALLOC(fae, frauthent_t *); - if (fae != NULL) { - bcopy((char *)fr, (char *)&fae->fae_fr, - sizeof(*fr)); - WRITE_ENTER(&ipf_auth); - SPL_NET(s); - fae->fae_age = fr_defaultauthage; - fae->fae_fr.fr_hits = 0; - fae->fae_fr.fr_next = *frptr; - *frptr = &fae->fae_fr; - fae->fae_next = *faep; - *faep = fae; - ipauth = &fae_list->fae_fr; - SPL_X(s); - RWLOCK_EXIT(&ipf_auth); - } else - error = ENOMEM; - } else - error = EINVAL; - return error; -} |