git: fb2ea26f3c36 - main - libalias: Handle GetNewPort() errors properly
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 18 Apr 2025 15:12:20 UTC
The branch main has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=fb2ea26f3c3681f5ef639af9c798a631d800864b
commit fb2ea26f3c3681f5ef639af9c798a631d800864b
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-04-18 13:37:46 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-04-18 15:11:51 +0000
libalias: Handle GetNewPort() errors properly
AddLink() fails when memory allocation fails or no free port is
available; both are error conditions. However, functions such as
FindUdpTcpIn() were converting such failures to PKT_ALIAS_IGNORED, which
effectively means, "pass the packet without translation," which isn't
what we want.
Fix the problem by making sure that AddLink() errors are converted to
PKT_ALIAS_ERROR where appropriate. The diff is a bit large but is
mostly mechanical: functions like TcpAliasOut() are converted to return
a result code, and an additional out-parameter is added to return the
alias_link pointer.
Reported by: Yuxiang Yang <yangyx22@mails.tsinghua.edu.cn>
Tested by: Yuxiang Yang <yangyx22@mails.tsinghua.edu.cn>
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D47778
---
sys/netinet/libalias/alias.c | 164 +++++++++++++++++++++---------------
sys/netinet/libalias/alias_db.c | 88 +++++++++++++------
sys/netinet/libalias/alias_irc.c | 4 +-
sys/netinet/libalias/alias_local.h | 26 +++---
sys/netinet/libalias/alias_skinny.c | 4 +-
sys/netinet/libalias/alias_smedia.c | 4 +-
6 files changed, 178 insertions(+), 112 deletions(-)
diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c
index 7858e4d2b9f3..6758813f6a21 100644
--- a/sys/netinet/libalias/alias.c
+++ b/sys/netinet/libalias/alias.c
@@ -290,13 +290,14 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
{
struct alias_link *lnk;
struct icmp *ic;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
/* Get source address from ICMP data field and restore original data */
- lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1);
- if (lnk != NULL) {
+ ret = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1, &lnk);
+ if (ret == PKT_ALIAS_OK) {
u_short original_id;
int accumulate;
@@ -319,10 +320,8 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip)
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
}
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
/*
@@ -337,6 +336,7 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
struct udphdr *ud;
struct tcphdr *tc;
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
@@ -346,18 +346,26 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip)
tc = (struct tcphdr *)ip_next(ip);
ic2 = (struct icmp *)ip_next(ip);
- if (ip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
+ if (ip->ip_p == IPPROTO_UDP) {
+ ret = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (ip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
+ IPPROTO_UDP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_TCP) {
+ ret = FindUdpTcpIn(la, ip->ip_dst, ip->ip_src,
tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- lnk = FindIcmpIn(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
- else
+ IPPROTO_TCP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_ICMP) {
+ if (ic2->icmp_type == ICMP_ECHO ||
+ ic2->icmp_type == ICMP_TSTAMP) {
+ ret = FindIcmpIn(la, ip->ip_dst, ip->ip_src,
+ ic2->icmp_id, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else
lnk = NULL;
} else
lnk = NULL;
@@ -479,13 +487,15 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
{
struct alias_link *lnk;
struct icmp *ic;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
/* Save overwritten data for when echo packet returns */
- lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create);
- if (lnk != NULL) {
+ ret = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create,
+ &lnk);
+ if (ret == PKT_ALIAS_OK) {
u_short alias_id;
int accumulate;
@@ -508,10 +518,8 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create)
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
}
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
/*
@@ -526,6 +534,7 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
struct udphdr *ud;
struct tcphdr *tc;
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
ic = (struct icmp *)ip_next(pip);
@@ -535,18 +544,26 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip)
tc = (struct tcphdr *)ip_next(ip);
ic2 = (struct icmp *)ip_next(ip);
- if (ip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
+ if (ip->ip_p == IPPROTO_UDP) {
+ ret = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (ip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
+ IPPROTO_UDP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_TCP) {
+ ret = FindUdpTcpOut(la, ip->ip_dst, ip->ip_src,
tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (ip->ip_p == IPPROTO_ICMP) {
- if (ic2->icmp_type == ICMP_ECHO || ic2->icmp_type == ICMP_TSTAMP)
- lnk = FindIcmpOut(la, ip->ip_dst, ip->ip_src, ic2->icmp_id, 0);
- else
+ IPPROTO_TCP, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else if (ip->ip_p == IPPROTO_ICMP) {
+ if (ic2->icmp_type == ICMP_ECHO ||
+ ic2->icmp_type == ICMP_TSTAMP) {
+ ret = FindIcmpOut(la, ip->ip_dst, ip->ip_src,
+ ic2->icmp_id, 0, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ } else
lnk = NULL;
} else
lnk = NULL;
@@ -661,14 +678,15 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
struct ip *pip, u_char ip_p, u_short *ip_sum)
{
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
- lnk = FindProtoIn(la, ip_src, pip->ip_dst, ip_p);
- if (lnk != NULL) {
+ ret = FindProtoIn(la, ip_src, pip->ip_dst, ip_p, &lnk);
+ if (ret == PKT_ALIAS_OK) {
struct in_addr original_address;
original_address = GetOriginalAddress(lnk);
@@ -677,10 +695,8 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src,
DifferentialChecksum(ip_sum,
&original_address, &pip->ip_dst, 2);
pip->ip_dst = original_address;
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
/*
@@ -693,6 +709,7 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create)
{
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -703,8 +720,8 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
if (!create)
return (PKT_ALIAS_IGNORED);
- lnk = FindProtoOut(la, pip->ip_src, ip_dst, ip_p);
- if (lnk != NULL) {
+ ret = FindProtoOut(la, pip->ip_src, ip_dst, ip_p, &lnk);
+ if (ret == PKT_ALIAS_OK) {
struct in_addr alias_address;
alias_address = GetAliasAddress(lnk);
@@ -713,10 +730,8 @@ ProtoAliasOut(struct libalias *la, struct ip *pip,
DifferentialChecksum(ip_sum,
&alias_address, &pip->ip_src, 2);
pip->ip_src = alias_address;
-
- return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
#define MF_ISSET(_pip) (ntohs((_pip)->ip_off) & IP_MF)
@@ -745,6 +760,7 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
{
struct udphdr *ud;
struct alias_link *lnk;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -752,10 +768,12 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
if (ud == NULL)
return (PKT_ALIAS_IGNORED);
- lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
- if (lnk != NULL) {
+ IPPROTO_UDP, !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY), &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ {
struct in_addr alias_address;
struct in_addr original_address;
struct in_addr proxy_address;
@@ -828,7 +846,6 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
}
static int
@@ -840,7 +857,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
struct in_addr proxy_server_address;
u_short dest_port;
u_short proxy_server_port;
- int proxy_type;
+ int proxy_type, ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -877,10 +894,12 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
pip->ip_dst = proxy_server_address;
ud->uh_dport = proxy_server_port;
}
- lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
- IPPROTO_UDP, create);
- if (lnk != NULL) {
+ IPPROTO_UDP, create, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ {
u_short alias_port;
struct in_addr alias_address;
struct alias_data ad = {
@@ -930,7 +949,6 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
}
static int
@@ -939,6 +957,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
struct tcphdr *tc;
struct alias_link *lnk;
size_t dlen;
+ int ret;
LIBALIAS_LOCK_ASSERT(la);
@@ -947,11 +966,12 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
- lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
tc->th_sport, tc->th_dport,
IPPROTO_TCP,
- !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY));
- if (lnk != NULL) {
+ !(la->packetAliasMode & PKT_ALIAS_PROXY_ONLY),
+ &lnk);
+ if (ret == PKT_ALIAS_OK) {
struct in_addr alias_address;
struct in_addr original_address;
struct in_addr proxy_address;
@@ -1057,13 +1077,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
+ return (ret);
}
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
{
- int proxy_type;
+ int proxy_type, ret;
u_short dest_port;
u_short proxy_server_port;
size_t dlen;
@@ -1108,12 +1128,12 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
accumulate -= twowords(&pip->ip_dst);
ADJUST_CHECKSUM(accumulate, pip->ip_sum);
}
- lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
+ ret = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst,
tc->th_sport, tc->th_dport,
- IPPROTO_TCP, create);
- if (lnk == NULL)
- return (PKT_ALIAS_IGNORED);
- if (lnk != NULL) {
+ IPPROTO_TCP, create, &lnk);
+ if (ret != PKT_ALIAS_OK)
+ return (ret);
+ {
u_short alias_port;
struct in_addr alias_address;
int accumulate;
@@ -1177,7 +1197,6 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
return (PKT_ALIAS_OK);
}
- return (PKT_ALIAS_IGNORED);
}
/* Fragment Handling
@@ -1581,17 +1600,24 @@ LibAliasUnaliasOut(struct libalias *la,
ic = (struct icmp *)ip_next(pip);
/* Find a link */
- if (pip->ip_p == IPPROTO_UDP)
- lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
+ if (pip->ip_p == IPPROTO_UDP) {
+ iresult = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
ud->uh_dport, ud->uh_sport,
- IPPROTO_UDP, 0);
- else if (pip->ip_p == IPPROTO_TCP)
- lnk = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
+ IPPROTO_UDP, 0, &lnk);
+ if (iresult != PKT_ALIAS_OK)
+ goto getout;
+ } else if (pip->ip_p == IPPROTO_TCP) {
+ iresult = FindUdpTcpIn(la, pip->ip_dst, pip->ip_src,
tc->th_dport, tc->th_sport,
- IPPROTO_TCP, 0);
- else if (pip->ip_p == IPPROTO_ICMP)
- lnk = FindIcmpIn(la, pip->ip_dst, pip->ip_src, ic->icmp_id, 0);
- else
+ IPPROTO_TCP, 0, &lnk);
+ if (iresult != PKT_ALIAS_OK)
+ goto getout;
+ } else if (pip->ip_p == IPPROTO_ICMP) {
+ iresult = FindIcmpIn(la, pip->ip_dst, pip->ip_src,
+ ic->icmp_id, 0, &lnk);
+ if (iresult != PKT_ALIAS_OK)
+ goto getout;
+ } else
lnk = NULL;
/* Change it from an aliased packet to an unaliased packet */
diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c
index b09e41935d93..732adb8afa83 100644
--- a/sys/netinet/libalias/alias_db.c
+++ b/sys/netinet/libalias/alias_db.c
@@ -1049,15 +1049,19 @@ FindLinkByInternalEndpoint(struct libalias *la, struct in_addr src_addr,
(prototypes in alias_local.h)
*/
-struct alias_link *
+int
FindIcmpIn(struct libalias *la, struct in_addr dst_addr,
struct in_addr alias_addr,
u_short id_alias,
- int create)
+ int create,
+ struct alias_link **lnkp)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ *lnkp = NULL;
+
lnk = FindLinkIn(la, dst_addr, alias_addr,
NO_DEST_PORT, id_alias,
LINK_ICMP, 0);
@@ -1068,19 +1072,26 @@ FindIcmpIn(struct libalias *la, struct in_addr dst_addr,
lnk = AddLink(la, target_addr, dst_addr, alias_addr,
id_alias, NO_DEST_PORT, id_alias,
LINK_ICMP);
+ if (lnk == NULL)
+ return (PKT_ALIAS_ERROR);
}
- return (lnk);
+ *lnkp = lnk;
+ return (lnk != NULL ? PKT_ALIAS_OK : PKT_ALIAS_IGNORED);
}
-struct alias_link *
+int
FindIcmpOut(struct libalias *la, struct in_addr src_addr,
struct in_addr dst_addr,
u_short id,
- int create)
+ int create,
+ struct alias_link **lnkp)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ *lnkp = NULL;
+
lnk = FindLinkOut(la, src_addr, dst_addr,
id, NO_DEST_PORT,
LINK_ICMP, 0);
@@ -1091,8 +1102,11 @@ FindIcmpOut(struct libalias *la, struct in_addr src_addr,
lnk = AddLink(la, src_addr, dst_addr, alias_addr,
id, NO_DEST_PORT, GET_ALIAS_ID,
LINK_ICMP);
+ if (lnk == NULL)
+ return (PKT_ALIAS_ERROR);
}
- return (lnk);
+ *lnkp = lnk;
+ return (lnk != NULL ? PKT_ALIAS_OK : PKT_ALIAS_IGNORED);
}
struct alias_link *
@@ -1146,18 +1160,21 @@ FindFragmentPtr(struct libalias *la, struct in_addr dst_addr,
LINK_FRAGMENT_PTR, 0);
}
-struct alias_link *
+int
FindProtoIn(struct libalias *la, struct in_addr dst_addr,
struct in_addr alias_addr,
- u_char proto)
+ u_char proto,
+ struct alias_link **lnkp)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ *lnkp = NULL;
+
lnk = FindLinkIn(la, dst_addr, alias_addr,
NO_DEST_PORT, 0,
proto, 1);
-
if (lnk == NULL && !(la->packetAliasMode & PKT_ALIAS_DENY_INCOMING)) {
struct in_addr target_addr;
@@ -1165,22 +1182,28 @@ FindProtoIn(struct libalias *la, struct in_addr dst_addr,
lnk = AddLink(la, target_addr, dst_addr, alias_addr,
NO_SRC_PORT, NO_DEST_PORT, 0,
proto);
+ if (lnk == NULL)
+ return (PKT_ALIAS_ERROR);
}
- return (lnk);
+ *lnkp = lnk;
+ return (lnk != NULL ? PKT_ALIAS_OK : PKT_ALIAS_IGNORED);
}
-struct alias_link *
+int
FindProtoOut(struct libalias *la, struct in_addr src_addr,
struct in_addr dst_addr,
- u_char proto)
+ u_char proto,
+ struct alias_link **lnkp)
{
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ *lnkp = NULL;
+
lnk = FindLinkOut(la, src_addr, dst_addr,
NO_SRC_PORT, NO_DEST_PORT,
proto, 1);
-
if (lnk == NULL) {
struct in_addr alias_addr;
@@ -1188,22 +1211,29 @@ FindProtoOut(struct libalias *la, struct in_addr src_addr,
lnk = AddLink(la, src_addr, dst_addr, alias_addr,
NO_SRC_PORT, NO_DEST_PORT, 0,
proto);
+ if (lnk == NULL)
+ return (PKT_ALIAS_ERROR);
}
- return (lnk);
+ *lnkp = lnk;
+ return (lnk != NULL ? PKT_ALIAS_OK : PKT_ALIAS_IGNORED);
}
-struct alias_link *
+int
FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr,
struct in_addr alias_addr,
u_short dst_port,
u_short alias_port,
u_char proto,
- int create)
+ int create,
+ struct alias_link **lnkp)
{
int link_type;
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ *lnkp = NULL;
+
switch (proto) {
case IPPROTO_UDP:
link_type = LINK_UDP;
@@ -1212,8 +1242,7 @@ FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr,
link_type = LINK_TCP;
break;
default:
- return (NULL);
- break;
+ return (PKT_ALIAS_IGNORED);
}
lnk = FindLinkIn(la, dst_addr, alias_addr,
@@ -1227,22 +1256,30 @@ FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr,
lnk = AddLink(la, target_addr, dst_addr, alias_addr,
alias_port, dst_port, alias_port,
link_type);
+ if (lnk == NULL)
+ return (PKT_ALIAS_ERROR);
+
}
- return (lnk);
+ *lnkp = lnk;
+ return (lnk != NULL ? PKT_ALIAS_OK : PKT_ALIAS_IGNORED);
}
-struct alias_link *
+int
FindUdpTcpOut(struct libalias *la, struct in_addr src_addr,
struct in_addr dst_addr,
u_short src_port,
u_short dst_port,
u_char proto,
- int create)
+ int create,
+ struct alias_link **lnkp)
{
int link_type;
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ *lnkp = NULL;
+
switch (proto) {
case IPPROTO_UDP:
link_type = LINK_UDP;
@@ -1251,12 +1288,10 @@ FindUdpTcpOut(struct libalias *la, struct in_addr src_addr,
link_type = LINK_TCP;
break;
default:
- return (NULL);
- break;
+ return (PKT_ALIAS_IGNORED);
}
lnk = FindLinkOut(la, src_addr, dst_addr, src_port, dst_port, link_type, create);
-
if (lnk == NULL && create) {
struct in_addr alias_addr;
@@ -1264,8 +1299,11 @@ FindUdpTcpOut(struct libalias *la, struct in_addr src_addr,
lnk = AddLink(la, src_addr, dst_addr, alias_addr,
src_port, dst_port, GET_ALIAS_PORT,
link_type);
+ if (lnk == NULL)
+ return (PKT_ALIAS_ERROR);
}
- return (lnk);
+ *lnkp = lnk;
+ return (lnk != NULL ? PKT_ALIAS_OK : PKT_ALIAS_IGNORED);
}
struct alias_link *
diff --git a/sys/netinet/libalias/alias_irc.c b/sys/netinet/libalias/alias_irc.c
index e063a67c2902..30cee74fff21 100644
--- a/sys/netinet/libalias/alias_irc.c
+++ b/sys/netinet/libalias/alias_irc.c
@@ -360,9 +360,9 @@ AliasHandleIrcOut(struct libalias *la,
* matter, and this would probably allow it through
* at least _some_ firewalls.
*/
- dcc_lnk = FindUdpTcpOut(la, true_addr, destaddr,
+ (void)FindUdpTcpOut(la, true_addr, destaddr,
true_port, 0,
- IPPROTO_TCP, 1);
+ IPPROTO_TCP, 1, &dcc_lnk);
DBprintf(("Got a DCC link\n"));
if (dcc_lnk) {
struct in_addr alias_address; /* Address from aliasing */
diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h
index ef6c89e675d6..7c1dcb0c8eb0 100644
--- a/sys/netinet/libalias/alias_local.h
+++ b/sys/netinet/libalias/alias_local.h
@@ -239,12 +239,12 @@ struct alias_link *
AddLink(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr,
struct in_addr alias_addr, u_short src_port, u_short dst_port,
int alias_param, int link_type);
-struct alias_link *
+int
FindIcmpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _id_alias, int _create);
-struct alias_link *
+ u_short _id_alias, int _create, struct alias_link **_lnkp);
+int
FindIcmpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _id, int _create);
+ u_short _id, int _create, struct alias_link **_lnkp);
struct alias_link *
FindFragmentIn1(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
u_short _ip_id);
@@ -255,18 +255,20 @@ struct alias_link *
AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
struct alias_link *
FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id);
-struct alias_link *
+int
FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_char _proto);
-struct alias_link *
+ u_char _proto, struct alias_link **_lnkp);
+int
FindProtoOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_char _proto);
-struct alias_link *
+ u_char _proto, struct alias_link **_lnkp);
+int
FindUdpTcpIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr,
- u_short _dst_port, u_short _alias_port, u_char _proto, int _create);
-struct alias_link *
+ u_short _dst_port, u_short _alias_port, u_char _proto, int _create,
+ struct alias_link **_lnkp);
+int
FindUdpTcpOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
- u_short _src_port, u_short _dst_port, u_char _proto, int _create);
+ u_short _src_port, u_short _dst_port, u_char _proto, int _create,
+ struct alias_link **_lnkp);
struct alias_link *
AddPptp(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr,
struct in_addr _alias_addr, u_int16_t _src_call_id);
diff --git a/sys/netinet/libalias/alias_skinny.c b/sys/netinet/libalias/alias_skinny.c
index d12046d7953f..fd9e15d3ad40 100644
--- a/sys/netinet/libalias/alias_skinny.c
+++ b/sys/netinet/libalias/alias_skinny.c
@@ -279,9 +279,9 @@ alias_skinny_opnrcvch_ack(struct libalias *la, struct OpenReceiveChannelAck *opn
*localIpAddr = (u_int32_t)opnrcvch_ack->ipAddr;
null_addr.s_addr = INADDR_ANY;
- opnrcv_lnk = FindUdpTcpOut(la, pip->ip_src, null_addr,
+ (void)FindUdpTcpOut(la, pip->ip_src, null_addr,
htons((u_short) opnrcvch_ack->port), 0,
- IPPROTO_UDP, 1);
+ IPPROTO_UDP, 1, &opnrcv_lnk);
opnrcvch_ack->ipAddr = (u_int32_t)GetAliasAddress(opnrcv_lnk).s_addr;
opnrcvch_ack->port = (u_int32_t)ntohs(GetAliasPort(opnrcv_lnk));
diff --git a/sys/netinet/libalias/alias_smedia.c b/sys/netinet/libalias/alias_smedia.c
index 1c4ee0970a53..badd75a45c61 100644
--- a/sys/netinet/libalias/alias_smedia.c
+++ b/sys/netinet/libalias/alias_smedia.c
@@ -435,8 +435,8 @@ alias_pna_out(struct libalias *la, struct ip *pip,
if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) {
memcpy(&port, work, 2);
- pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk),
- port, 0, IPPROTO_UDP, 1);
+ (void)FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk),
+ port, 0, IPPROTO_UDP, 1, &pna_links);
if (pna_links != NULL) {
#ifndef NO_FW_PUNCH
/* Punch hole in firewall */