PERFORCE change 113792 for review
Paolo Pisati
piso at FreeBSD.org
Wed Jan 31 20:48:50 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=113792
Change 113792 by piso at piso_newluxor on 2007/01/31 20:48:35
In LibAlias[In|Out]Locked() and in (almost) all the functions
called from there we need a contiguos ip hdr: for this reason revert
the previous changes made to ProtoAlias[In|Out](), and do the pullup of
an ip hdr in LibAlias[In|Out]Locked() - this way we can guarantee that
all the functions called from LibAlias[In|Out]Locked() will receive, at
least, a contiguos ip hdr in their "void *ptr" argument, and, in some cases,
where we only need the content of the ip hdr (like in the ProtoAlias[In|Out]())
cases, we will hand down directly a "struct ip *".
Affected files ...
.. //depot/projects/soc2005/libalias/sys/netinet/libalias/alias.c#45 edit
Differences ...
==== //depot/projects/soc2005/libalias/sys/netinet/libalias/alias.c#45 (text+ko) ====
@@ -264,8 +264,8 @@
static int IcmpAliasOut2(struct libalias *, void *);
static int IcmpAliasOut(struct libalias *, void *, int create);
-static int ProtoAliasIn(struct libalias *, void *);
-static int ProtoAliasOut(struct libalias *, void *, int create);
+static int ProtoAliasIn(struct libalias *, struct ip *);
+static int ProtoAliasOut(struct libalias *, struct ip *, int create);
static int UdpAliasIn(struct libalias *, void *);
static int UdpAliasOut(struct libalias *, void *, int create);
@@ -681,7 +681,7 @@
static int
-ProtoAliasIn(struct libalias *la, void *ptr)
+ProtoAliasIn(struct libalias *la, struct ip *pip)
{
/*
Handle incoming IP packets. The
@@ -689,17 +689,7 @@
the dest IP address of the packet to our inside
machine.
*/
- struct ip *pip;
struct alias_link *lnk;
-#ifdef _KERNEL
- struct mbuf *m;
- m = m_pullup(ptr, sizeof(struct ip));
- if (m == NULL)
- return (PKT_ALIAS_IGNORED);
- pip = mtod(m, struct ip *);
-#else
- pip = ptr;
-#endif
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled */
@@ -724,7 +714,7 @@
static int
-ProtoAliasOut(struct libalias *la, void *ptr, int create)
+ProtoAliasOut(struct libalias *la, struct ip *pip, int create)
{
/*
Handle outgoing IP packets. The
@@ -732,16 +722,6 @@
the source IP address of the packet.
*/
struct alias_link *lnk;
- struct ip *pip;
-#ifdef _KERNEL
- struct mbuf *m;
- m = m_pullup(ptr, sizeof(struct ip));
- if (m == NULL)
- return (PKT_ALIAS_IGNORED);
- pip = mtod(m, struct ip *);
-#else
- pip = ptr;
-#endif
LIBALIAS_LOCK_ASSERT(la);
(void)create;
@@ -1303,10 +1283,10 @@
/* Local prototypes */
static int
-LibAliasOutLocked(struct libalias *la, char *ptr,
+LibAliasOutLocked(struct libalias *la, void *ptr,
int maxpacketsize, int create);
static int
-LibAliasInLocked(struct libalias *la, char *ptr,
+LibAliasInLocked(struct libalias *la, void *ptr,
int maxpacketsize);
int
@@ -1320,13 +1300,24 @@
return (res);
}
+#ifdef _KERNEL
+#define PULLUP_IPHDR(pip, ptr) do { \
+ struct mbuf *m; \
+ m = m_pullup((ptr), sizeof(struct ip)); \
+ (pip) = mtod(m, struct ip *); \
+} while (0)
+#else
+#define PULLUP_IPHDR(pip, ptr) pip = ptr
+#endif
+
static int
-LibAliasInLocked(struct libalias *la, char *ptr, int maxpacketsize)
+LibAliasInLocked(struct libalias *la, void *ptr, int maxpacketsize)
{
struct in_addr alias_addr;
struct ip *pip;
int iresult;
+ iresult = PKT_ALIAS_IGNORED;
if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
iresult = LibAliasOutLocked(la, ptr, maxpacketsize, 1);
@@ -1335,17 +1326,16 @@
}
HouseKeeping(la);
ClearCheckNewLink(la);
- pip = (struct ip *)ptr;
+ PULLUP_IPHDR(pip, ptr);
+ if (pip == NULL)
+ goto getout;
alias_addr = pip->ip_dst;
/* Defense against mangled packets */
if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl << 2) > maxpacketsize) {
- iresult = PKT_ALIAS_IGNORED;
+ || (pip->ip_hl << 2) > maxpacketsize)
goto getout;
- }
- iresult = PKT_ALIAS_IGNORED;
if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) {
switch (pip->ip_p) {
case IPPROTO_ICMP:
@@ -1369,16 +1359,17 @@
.maxpktsize = 0
};
- /* Walk out chain. */
+ /* XXX broken - Walk out chain. */
error = find_handler(IN, IP, la, pip, &ad);
+ // XXX m_pullup()
if (error == 0)
iresult = PKT_ALIAS_OK;
else
- iresult = ProtoAliasIn(la, ptr);
+ iresult = ProtoAliasIn(la, pip);
}
- break;
+ break;
default:
- iresult = ProtoAliasIn(la, ptr);
+ iresult = ProtoAliasIn(la, pip);
break;
}
@@ -1440,7 +1431,7 @@
}
static int
-LibAliasOutLocked(struct libalias *la, char *ptr, /* valid IP packet */
+LibAliasOutLocked(struct libalias *la, void *ptr, /* valid IP packet */
int maxpacketsize, /* How much the packet data may grow (FTP
* and IRC inline changes) */
int create /* Create new entries ? */
@@ -1450,6 +1441,7 @@
struct in_addr addr_save;
struct ip *pip;
+ iresult = PKT_ALIAS_IGNORED;
if (la->packetAliasMode & PKT_ALIAS_REVERSE) {
la->packetAliasMode &= ~PKT_ALIAS_REVERSE;
iresult = LibAliasInLocked(la, ptr, maxpacketsize);
@@ -1458,14 +1450,14 @@
}
HouseKeeping(la);
ClearCheckNewLink(la);
- pip = (struct ip *)ptr;
+ PULLUP_IPHDR(pip, ptr);
+ if (pip == NULL)
+ goto getout;
/* Defense against mangled packets */
if (ntohs(pip->ip_len) > maxpacketsize
- || (pip->ip_hl << 2) > maxpacketsize) {
- iresult = PKT_ALIAS_IGNORED;
+ || (pip->ip_hl << 2) > maxpacketsize)
goto getout;
- }
addr_save = GetDefaultAliasAddress(la);
if (la->packetAliasMode & PKT_ALIAS_UNREGISTERED_ONLY) {
@@ -1487,7 +1479,6 @@
} else if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) {
SetDefaultAliasAddress(la, pip->ip_src);
}
- iresult = PKT_ALIAS_IGNORED;
if ((ntohs(pip->ip_off) & IP_OFFMASK) == 0) {
switch (pip->ip_p) {
case IPPROTO_ICMP:
@@ -1510,16 +1501,17 @@
.dport = NULL,
.maxpktsize = 0
};
- /* Walk out chain. */
+ /* XXX broken - Walk out chain. */
error = find_handler(OUT, IP, la, pip, &ad);
+ // XXX m_pullup()
if (error == 0)
iresult = PKT_ALIAS_OK;
else
- iresult = ProtoAliasOut(la, ptr, create);
+ iresult = ProtoAliasOut(la, pip, create);
}
break;
default:
- iresult = ProtoAliasOut(la, ptr, create);
+ iresult = ProtoAliasOut(la, pip, create);
break;
}
} else {
More information about the p4-projects
mailing list