summaryrefslogtreecommitdiffstats
path: root/sys/contrib/pf/net/pf_subr.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/contrib/pf/net/pf_subr.c')
-rw-r--r--sys/contrib/pf/net/pf_subr.c29
1 files changed, 15 insertions, 14 deletions
diff --git a/sys/contrib/pf/net/pf_subr.c b/sys/contrib/pf/net/pf_subr.c
index 7d87833..f8550c7 100644
--- a/sys/contrib/pf/net/pf_subr.c
+++ b/sys/contrib/pf/net/pf_subr.c
@@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$");
#include <sys/socketvar.h>
#include <sys/systm.h>
#include <sys/time.h>
+#include <sys/vimage.h>
#include <net/if.h>
#include <net/if_types.h>
@@ -127,9 +128,9 @@ pf_new_isn(struct pf_state *s)
struct pf_state_host *src, *dst;
/* Seed if this is the first use, reseed if requested. */
- if (isn_last_reseed == 0) {
- read_random(&isn_secret, sizeof(isn_secret));
- isn_last_reseed = ticks;
+ if (V_isn_last_reseed == 0) {
+ read_random(&V_isn_secret, sizeof(V_isn_secret));
+ V_isn_last_reseed = ticks;
}
if (s->direction == PF_IN) {
@@ -141,28 +142,28 @@ pf_new_isn(struct pf_state *s)
}
/* Compute the md5 hash and return the ISN. */
- MD5Init(&isn_ctx);
- MD5Update(&isn_ctx, (u_char *) &dst->port, sizeof(u_short));
- MD5Update(&isn_ctx, (u_char *) &src->port, sizeof(u_short));
+ MD5Init(&V_isn_ctx);
+ MD5Update(&V_isn_ctx, (u_char *) &dst->port, sizeof(u_short));
+ MD5Update(&V_isn_ctx, (u_char *) &src->port, sizeof(u_short));
#ifdef INET6
if (s->af == AF_INET6) {
- MD5Update(&isn_ctx, (u_char *) &dst->addr,
+ MD5Update(&V_isn_ctx, (u_char *) &dst->addr,
sizeof(struct in6_addr));
- MD5Update(&isn_ctx, (u_char *) &src->addr,
+ MD5Update(&V_isn_ctx, (u_char *) &src->addr,
sizeof(struct in6_addr));
} else
#endif
{
- MD5Update(&isn_ctx, (u_char *) &dst->addr,
+ MD5Update(&V_isn_ctx, (u_char *) &dst->addr,
sizeof(struct in_addr));
- MD5Update(&isn_ctx, (u_char *) &src->addr,
+ MD5Update(&V_isn_ctx, (u_char *) &src->addr,
sizeof(struct in_addr));
}
- MD5Update(&isn_ctx, (u_char *) &isn_secret, sizeof(isn_secret));
- MD5Final((u_char *) &md5_buffer, &isn_ctx);
+ MD5Update(&V_isn_ctx, (u_char *) &V_isn_secret, sizeof(V_isn_secret));
+ MD5Final((u_char *) &md5_buffer, &V_isn_ctx);
new_isn = (tcp_seq) md5_buffer[0];
- isn_offset += ISN_STATIC_INCREMENT +
+ V_isn_offset += ISN_STATIC_INCREMENT +
(arc4random() & ISN_RANDOM_INCREMENT);
- new_isn += isn_offset;
+ new_isn += V_isn_offset;
return (new_isn);
}
OpenPOWER on IntegriCloud