From nobody Fri Sep 27 22:17:14 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XFlFQ5Gklz5XK7p; Fri, 27 Sep 2024 22:17:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XFlFQ3zQwz4kVD; Fri, 27 Sep 2024 22:17:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1727475434; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Fyn+0E5Fq4wk7bzYuTooBrAzsFDR1zEloYqq4OlUMow=; b=tlwhuf6NRck4dNCFZ2keX4hlH0jUDzBwKs+jnbUsWatyGe5/hnjYQeN1TizRG3f3+XbdUe cZO6GKacNIKcxSOfTQIllzNrYRIgj+lEWqQjfz0j/6o56Jn2RJlSDEdZP6jXn096OjlqxS Ch5MEjQM9+gkefH6pY9JBkeSwYHZ7Y2ul7ngSzCSWulhwUhJBL7B2riyCl3XN9ZEgMra5z ZmzKOLfHtJL8o7C8ANdIbSN3Y+g9H49roI/syWg+iomBjbwOBkYTcFWG05jsvvyDAYHsJH HaGMJl5mOKjnDI5qLonmrQHVf2SjdlbTfByg3qX7aswd+VqJSpRBjGTEpDzGdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1727475434; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Fyn+0E5Fq4wk7bzYuTooBrAzsFDR1zEloYqq4OlUMow=; b=rmw0nRGB/5Tn2IAqeTspYc/mZG+G/0/sKRz1lqO7USg7RSbse7165+MBzRgr+6y/Ob5SMp OQz8Vdewbda2A9tPMQMMEOj5c/0XT1rlqLiU3Adcimu7NurgWg3GM62xhMB3Bsrr6dq+Ud Zwpmq4c2YuEceczOiYa2NH1t0CRoUycF91Qn5wfsBLRDnTH1bTAcheMhJBQtdhdKXoipbz 1c49ulhyMmtLHLgWMBII0IK3fTWciBAmDnHJhhrQEao1yfYyRwdfHpwuGRmYxaOQveGaTJ uYaVrrSqXyk5vQ4vOokmn3GQ9xc0f6frjzgQlgaSi0qqYNdZSXHPPMHBAwzrXw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1727475434; a=rsa-sha256; cv=none; b=NDCqgn1FInUFRcnmPnHOxIraAeDvlKfgsPLj8E68oNQx94XG+QzzUnEs9NiUY1qaf7bJIv UoTUIdCdWyPnO6V0rugbJTavHnvGx4OnC6FbXC1e4JHCoFxfuCD1dIDgb3grX4zaInuD1u kmv4gmj1zE/HM2Kw2EQrh7DQFQryeXKD6kG2hgk/Y0NrqgEurfZkTKLIaCHliEgHxrR5r7 Z89SnRy8hqWM5mwbpltRy5Iiwl1AJQQj7Vju2cZM2K+raT5RvRWlv253yThQpn3e7Rj36p Z/BAA9GAs+iCKLqgFiUTGnnnmLlUOycT0zrXXkDhpUFjEfSSR341FVxZn6Zq+w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XFlFQ3Mp4zyMd; Fri, 27 Sep 2024 22:17:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 48RMHENn039275; Fri, 27 Sep 2024 22:17:14 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 48RMHEcj039272; Fri, 27 Sep 2024 22:17:14 GMT (envelope-from git) Date: Fri, 27 Sep 2024 22:17:14 GMT Message-Id: <202409272217.48RMHEcj039272@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 39f615e90ca3 - main - pf: rename the pf_pdesc field rh_cnt to badopts List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 39f615e90ca3fc6207dd0419a69a859e563e1de0 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=39f615e90ca3fc6207dd0419a69a859e563e1de0 commit 39f615e90ca3fc6207dd0419a69a859e563e1de0 Author: Kristof Provost AuthorDate: 2024-09-11 12:46:51 +0000 Commit: Kristof Provost CommitDate: 2024-09-27 20:13:23 +0000 pf: rename the pf_pdesc field rh_cnt to badopts It is also used for IPv4 options now. ok mcbride@ henning@ Reviewed by: zlei Obtained from: OpenBSD, bluhm , 4fe6abd45f Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46650 --- sys/net/pfvar.h | 2 +- sys/netpfil/pf/pf.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index c4553e6f380f..f5551447f7aa 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1611,7 +1611,7 @@ struct pf_pdesc { struct pf_rule_actions act; u_int32_t p_len; /* total length of payload */ - u_int32_t rh_cnt; /* Route header count */ + u_int32_t badopts; /* v4 options or v6 routing headers */ u_int16_t *ip_sum; u_int16_t *proto_sum; diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 8072207ef5dd..823e90384747 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -8600,7 +8600,7 @@ pf_setup_pdesc(sa_family_t af, int dir, struct pf_pdesc *pd, struct mbuf *m, pd->act.rtableid = -1; if (h->ip_hl > 5) /* has options */ - pd->rh_cnt++; + pd->badopts++; /* fragments not reassembled handled later */ if (h->ip_off & htons(IP_MF | IP_OFFMASK)) @@ -8643,7 +8643,7 @@ pf_setup_pdesc(sa_family_t af, int dir, struct pf_pdesc *pd, struct mbuf *m, case IPPROTO_ROUTING: { struct ip6_rthdr rthdr; - if (pd->rh_cnt++) { + if (pd->badopts++) { DPFPRINTF(PF_DEBUG_MISC, ("pf: IPv6 more than one rthdr")); *action = PF_DROP; @@ -9236,7 +9236,7 @@ pf_test(sa_family_t af, int dir, int pflags, struct ifnet *ifp, struct mbuf **m0 done: PF_RULES_RUNLOCK(); - if (action == PF_PASS && pd.rh_cnt && + if (action == PF_PASS && pd.badopts && !((s && s->state_flags & PFSTATE_ALLOWOPTS) || r->allow_opts)) { action = PF_DROP; REASON_SET(&reason, PFRES_IPOPTIONS);