Module Name: src Committed By: drochner Date: Thu Jun 9 19:54:18 UTC 2011
Modified Files: src/sys/net: pfkeyv2.h src/sys/netipsec: ipsec.c ipsec.h ipsec6.h key.c key.h Log Message: more "const" To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/sys/net/pfkeyv2.h cvs rdiff -u -r1.54 -r1.55 src/sys/netipsec/ipsec.c cvs rdiff -u -r1.28 -r1.29 src/sys/netipsec/ipsec.h cvs rdiff -u -r1.12 -r1.13 src/sys/netipsec/ipsec6.h cvs rdiff -u -r1.72 -r1.73 src/sys/netipsec/key.c cvs rdiff -u -r1.10 -r1.11 src/sys/netipsec/key.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/net/pfkeyv2.h diff -u src/sys/net/pfkeyv2.h:1.29 src/sys/net/pfkeyv2.h:1.30 --- src/sys/net/pfkeyv2.h:1.29 Thu May 26 21:50:02 2011 +++ src/sys/net/pfkeyv2.h Thu Jun 9 19:54:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkeyv2.h,v 1.29 2011/05/26 21:50:02 drochner Exp $ */ +/* $NetBSD: pfkeyv2.h,v 1.30 2011/06/09 19:54:18 drochner Exp $ */ /* $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $ */ /* @@ -430,11 +430,11 @@ /* Utilities */ #define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1))) #define PFKEY_EXTLEN(msg) \ - PFKEY_UNUNIT64(((struct sadb_ext *)(void *)(msg))->sadb_ext_len) + PFKEY_UNUNIT64(((const struct sadb_ext *)(const void *)(msg))->sadb_ext_len) #define PFKEY_ADDR_PREFIX(ext) \ - (((struct sadb_address *)(void *)(ext))->sadb_address_prefixlen) + (((const struct sadb_address *)(const void *)(ext))->sadb_address_prefixlen) #define PFKEY_ADDR_PROTO(ext) \ - (((struct sadb_address *)(void *)(ext))->sadb_address_proto) + (((const struct sadb_address *)(const void *)(ext))->sadb_address_proto) #define PFKEY_ADDR_SADDR(ext) \ ((struct sockaddr *)(void *)((char *)(void *)(ext) + \ sizeof(struct sadb_address))) Index: src/sys/netipsec/ipsec.c diff -u src/sys/netipsec/ipsec.c:1.54 src/sys/netipsec/ipsec.c:1.55 --- src/sys/netipsec/ipsec.c:1.54 Wed Jun 8 16:24:50 2011 +++ src/sys/netipsec/ipsec.c Thu Jun 9 19:54:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec.c,v 1.54 2011/06/08 16:24:50 dyoung Exp $ */ +/* $NetBSD: ipsec.c,v 1.55 2011/06/09 19:54:18 drochner Exp $ */ /* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */ /* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */ @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.54 2011/06/08 16:24:50 dyoung Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.55 2011/06/09 19:54:18 drochner Exp $"); /* * IPsec controller part. @@ -242,11 +242,11 @@ #endif static void ipsec_delpcbpolicy (struct inpcbpolicy *); static struct secpolicy *ipsec_deepcopy_policy (const struct secpolicy *); -static int ipsec_set_policy (struct secpolicy **,int , void *, size_t , - kauth_cred_t ); +static int ipsec_set_policy (struct secpolicy **, int, const void *, size_t, + kauth_cred_t); static int ipsec_get_policy (struct secpolicy *, struct mbuf **); static void vshiftl (unsigned char *, int, int); -static size_t ipsec_hdrsiz (struct secpolicy *); +static size_t ipsec_hdrsiz (const struct secpolicy *); #ifdef __NetBSD__ /* @@ -481,7 +481,7 @@ * NOTE: IPv6 mapped address concern is implemented here. */ struct secpolicy * -ipsec_getpolicy(struct tdb_ident *tdbi, u_int dir) +ipsec_getpolicy(const struct tdb_ident *tdbi, u_int dir) { struct secpolicy *sp; @@ -785,7 +785,7 @@ #endif /* INET6 */ static int -ipsec4_setspidx_inpcb(struct mbuf *m ,struct inpcb *pcb) +ipsec4_setspidx_inpcb(struct mbuf *m, struct inpcb *pcb) { int error; @@ -1224,7 +1224,7 @@ ipsec_deepcopy_policy(const struct secpolicy *src) { struct ipsecrequest *newchain = NULL; - struct ipsecrequest *p; + const struct ipsecrequest *p; struct ipsecrequest **q; struct ipsecrequest *r; struct secpolicy *dst; @@ -1268,10 +1268,9 @@ return dst; fail: - for (p = newchain; p; p = r) { - r = p->next; - free(p, M_SECA); - p = NULL; + for (q = &newchain; *q; q = &r) { + r = (*q)->next; + free(*q, M_SECA); } return NULL; } @@ -1281,12 +1280,12 @@ ipsec_set_policy( struct secpolicy **pcb_sp, int optname, - void *request, + const void *request, size_t len, kauth_cred_t cred ) { - struct sadb_x_policy *xpl; + const struct sadb_x_policy *xpl; struct secpolicy *newsp = NULL; int error; @@ -1295,11 +1294,11 @@ return EINVAL; if (len < sizeof(*xpl)) return EINVAL; - xpl = (struct sadb_x_policy *)request; + xpl = (const struct sadb_x_policy *)request; KEYDEBUG(KEYDEBUG_IPSEC_DUMP, printf("ipsec_set_policy: passed policy\n"); - kdebug_sadb_x_policy((struct sadb_ext *)xpl)); + kdebug_sadb_x_policy((const struct sadb_ext *)xpl)); /* check policy type */ /* ipsec_set_policy() accepts IPSEC, ENTRUST and BYPASS. */ @@ -1354,10 +1353,10 @@ } int -ipsec4_set_policy(struct inpcb *inp, int optname ,void *request, +ipsec4_set_policy(struct inpcb *inp, int optname, const void *request, size_t len, kauth_cred_t cred) { - struct sadb_x_policy *xpl; + const struct sadb_x_policy *xpl; struct secpolicy **pcb_sp; /* sanity check. */ @@ -1365,7 +1364,7 @@ return EINVAL; if (len < sizeof(*xpl)) return EINVAL; - xpl = (struct sadb_x_policy *)request; + xpl = (const struct sadb_x_policy *)request; IPSEC_ASSERT(inp->inp_sp != NULL, ("ipsec4_set_policy(): null inp->in_sp")); @@ -1388,10 +1387,10 @@ } int -ipsec4_get_policy(struct inpcb *inp, void *request, size_t len, +ipsec4_get_policy(struct inpcb *inp, const void *request, size_t len, struct mbuf **mp) { - struct sadb_x_policy *xpl; + const struct sadb_x_policy *xpl; struct secpolicy *pcb_sp; /* sanity check. */ @@ -1400,7 +1399,7 @@ IPSEC_ASSERT(inp->inp_sp != NULL, ("ipsec4_get_policy: null inp_sp")); if (len < sizeof(*xpl)) return EINVAL; - xpl = (struct sadb_x_policy *)request; + xpl = (const struct sadb_x_policy *)request; /* select direction */ switch (xpl->sadb_x_policy_dir) { @@ -1446,10 +1445,10 @@ #ifdef INET6 int -ipsec6_set_policy(struct in6pcb *in6p, int optname, void *request, +ipsec6_set_policy(struct in6pcb *in6p, int optname, const void *request, size_t len, kauth_cred_t cred) { - struct sadb_x_policy *xpl; + const struct sadb_x_policy *xpl; struct secpolicy **pcb_sp; /* sanity check. */ @@ -1457,7 +1456,7 @@ return EINVAL; if (len < sizeof(*xpl)) return EINVAL; - xpl = (struct sadb_x_policy *)request; + xpl = (const struct sadb_x_policy *)request; /* select direction */ switch (xpl->sadb_x_policy_dir) { @@ -1477,10 +1476,10 @@ } int -ipsec6_get_policy(struct in6pcb *in6p, void *request, size_t len, +ipsec6_get_policy(struct in6pcb *in6p, const void *request, size_t len, struct mbuf **mp) { - struct sadb_x_policy *xpl; + const struct sadb_x_policy *xpl; struct secpolicy *pcb_sp; /* sanity check. */ @@ -1489,7 +1488,7 @@ IPSEC_ASSERT(in6p->in6p_sp != NULL, ("ipsec6_get_policy: null in6p_sp")); if (len < sizeof(*xpl)) return EINVAL; - xpl = (struct sadb_x_policy *)request; + xpl = (const struct sadb_x_policy *)request; /* select direction */ switch (xpl->sadb_x_policy_dir) { @@ -1795,9 +1794,9 @@ * NOTE: SP passed is free in this function. */ static size_t -ipsec_hdrsiz(struct secpolicy *sp) +ipsec_hdrsiz(const struct secpolicy *sp) { - struct ipsecrequest *isr; + const struct ipsecrequest *isr; size_t siz; KEYDEBUG(KEYDEBUG_IPSEC_DATA, @@ -1843,7 +1842,7 @@ default: ipseclog((LOG_ERR, "ipsec_hdrsiz: " "unknown AF %d in IPsec tunnel SA\n", - ((struct sockaddr *)&isr->saidx.dst)->sa_family)); + ((const struct sockaddr *)&isr->saidx.dst)->sa_family)); break; } } Index: src/sys/netipsec/ipsec.h diff -u src/sys/netipsec/ipsec.h:1.28 src/sys/netipsec/ipsec.h:1.29 --- src/sys/netipsec/ipsec.h:1.28 Wed Jun 8 16:24:50 2011 +++ src/sys/netipsec/ipsec.h Thu Jun 9 19:54:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec.h,v 1.28 2011/06/08 16:24:50 dyoung Exp $ */ +/* $NetBSD: ipsec.h,v 1.29 2011/06/09 19:54:18 drochner Exp $ */ /* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */ /* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */ @@ -249,7 +249,7 @@ #endif /* __NetBSD__ */ struct tdb_ident; -struct secpolicy *ipsec_getpolicy (struct tdb_ident*, u_int); +struct secpolicy *ipsec_getpolicy (const struct tdb_ident*, u_int); struct inpcb; struct secpolicy *ipsec4_checkpolicy (struct mbuf *, u_int, u_int, int *, struct inpcb *); @@ -286,8 +286,8 @@ u_int ipsec_get_reqlevel (const struct ipsecrequest *); int ipsec_in_reject (const struct secpolicy *, const struct mbuf *); -int ipsec4_set_policy (struct inpcb *, int, void *, size_t, kauth_cred_t); -int ipsec4_get_policy (struct inpcb *, void *, size_t, struct mbuf **); +int ipsec4_set_policy (struct inpcb *, int, const void *, size_t, kauth_cred_t); +int ipsec4_get_policy (struct inpcb *, const void *, size_t, struct mbuf **); int ipsec4_delete_pcbpolicy (struct inpcb *); int ipsec4_in_reject (struct mbuf *, struct inpcb *); /* Index: src/sys/netipsec/ipsec6.h diff -u src/sys/netipsec/ipsec6.h:1.12 src/sys/netipsec/ipsec6.h:1.13 --- src/sys/netipsec/ipsec6.h:1.12 Sun May 10 02:13:07 2009 +++ src/sys/netipsec/ipsec6.h Thu Jun 9 19:54:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec6.h,v 1.12 2009/05/10 02:13:07 elad Exp $ */ +/* $NetBSD: ipsec6.h,v 1.13 2011/06/09 19:54:18 drochner Exp $ */ /* $FreeBSD: src/sys/netipsec/ipsec6.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */ /* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */ @@ -62,8 +62,8 @@ #define key_freesp(_x) KEY_FREESP(&_x) int ipsec6_delete_pcbpolicy (struct in6pcb *); -int ipsec6_set_policy (struct in6pcb *, int, void *, size_t, kauth_cred_t); -int ipsec6_get_policy (struct in6pcb *, void *, size_t, struct mbuf **); +int ipsec6_set_policy (struct in6pcb *, int, const void *, size_t, kauth_cred_t); +int ipsec6_get_policy (struct in6pcb *, const void *, size_t, struct mbuf **); struct secpolicy *ipsec6_checkpolicy (struct mbuf *, u_int, u_int, int *, struct in6pcb *); struct secpolicy * ipsec6_check_policy(struct mbuf *, Index: src/sys/netipsec/key.c diff -u src/sys/netipsec/key.c:1.72 src/sys/netipsec/key.c:1.73 --- src/sys/netipsec/key.c:1.72 Mon Jun 6 16:48:35 2011 +++ src/sys/netipsec/key.c Thu Jun 9 19:54:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: key.c,v 1.72 2011/06/06 16:48:35 drochner Exp $ */ +/* $NetBSD: key.c,v 1.73 2011/06/09 19:54:18 drochner Exp $ */ /* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */ /* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.72 2011/06/06 16:48:35 drochner Exp $"); +__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.73 2011/06/09 19:54:18 drochner Exp $"); /* * This code is referd to RFC 2367 @@ -1428,7 +1428,7 @@ * so must be set properly later. */ struct secpolicy * -key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error) +key_msg2sp(const struct sadb_x_policy *xpl0, size_t len, int *error) { struct secpolicy *newsp; @@ -1463,7 +1463,8 @@ case IPSEC_POLICY_IPSEC: { int tlen; - struct sadb_x_ipsecrequest *xisr; + const struct sadb_x_ipsecrequest *xisr; + uint16_t xisr_reqid; struct ipsecrequest **p_isr = &newsp->req; /* validity check */ @@ -1476,7 +1477,7 @@ } tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0); - xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1); + xisr = (const struct sadb_x_ipsecrequest *)(xpl0 + 1); while (tlen > 0) { /* length check */ @@ -1538,22 +1539,22 @@ case IPSEC_LEVEL_REQUIRE: break; case IPSEC_LEVEL_UNIQUE: + xisr_reqid = xisr->sadb_x_ipsecrequest_reqid; /* validity check */ /* * If range violation of reqid, kernel will * update it, don't refuse it. */ - if (xisr->sadb_x_ipsecrequest_reqid - > IPSEC_MANUAL_REQID_MAX) { + if (xisr_reqid > IPSEC_MANUAL_REQID_MAX) { ipseclog((LOG_DEBUG, "key_msg2sp: reqid=%d range " "violation, updated by kernel.\n", - xisr->sadb_x_ipsecrequest_reqid)); - xisr->sadb_x_ipsecrequest_reqid = 0; + xisr_reqid)); + xisr_reqid = 0; } /* allocate new reqid id if reqid is zero. */ - if (xisr->sadb_x_ipsecrequest_reqid == 0) { + if (xisr_reqid == 0) { u_int16_t reqid; if ((reqid = key_newreqid()) == 0) { KEY_FREESP(&newsp); @@ -1561,11 +1562,9 @@ return NULL; } (*p_isr)->saidx.reqid = reqid; - xisr->sadb_x_ipsecrequest_reqid = reqid; } else { /* set it for manual keying. */ - (*p_isr)->saidx.reqid = - xisr->sadb_x_ipsecrequest_reqid; + (*p_isr)->saidx.reqid = xisr_reqid; } break; @@ -1580,9 +1579,9 @@ /* set IP addresses if there */ if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { - struct sockaddr *paddr; + const struct sockaddr *paddr; - paddr = (struct sockaddr *)(xisr + 1); + paddr = (const struct sockaddr *)(xisr + 1); /* validity check */ if (paddr->sa_len @@ -1595,7 +1594,7 @@ } memcpy(&(*p_isr)->saidx.src, paddr, paddr->sa_len); - paddr = (struct sockaddr *)((char *)paddr + paddr = (const struct sockaddr *)((const char *)paddr + paddr->sa_len); /* validity check */ @@ -1625,7 +1624,7 @@ return NULL; } - xisr = (struct sadb_x_ipsecrequest *)((char *)xisr + xisr = (const struct sadb_x_ipsecrequest *)((const char *)xisr + xisr->sadb_x_ipsecrequest_len); } } @@ -1817,9 +1816,10 @@ key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp) { - struct sadb_address *src0, *dst0; - struct sadb_x_policy *xpl0, *xpl; - struct sadb_lifetime *lft = NULL; + const struct sadb_address *src0, *dst0; + const struct sadb_x_policy *xpl0; + struct sadb_x_policy *xpl; + const struct sadb_lifetime *lft = NULL; struct secpolicyindex spidx; struct secpolicy *newsp; int error; @@ -1932,13 +1932,13 @@ &newsp->spidx); /* sanity check on addr pair */ - if (((struct sockaddr *)(src0 + 1))->sa_family != - ((struct sockaddr *)(dst0+ 1))->sa_family) { + if (((const struct sockaddr *)(src0 + 1))->sa_family != + ((const struct sockaddr *)(dst0+ 1))->sa_family) { KFREE(newsp); return key_senderror(so, m, EINVAL); } - if (((struct sockaddr *)(src0 + 1))->sa_len != - ((struct sockaddr *)(dst0+ 1))->sa_len) { + if (((const struct sockaddr *)(src0 + 1))->sa_len != + ((const struct sockaddr *)(dst0+ 1))->sa_len) { KFREE(newsp); return key_senderror(so, m, EINVAL); } Index: src/sys/netipsec/key.h diff -u src/sys/netipsec/key.h:1.10 src/sys/netipsec/key.h:1.11 --- src/sys/netipsec/key.h:1.10 Mon May 23 15:17:25 2011 +++ src/sys/netipsec/key.h Thu Jun 9 19:54:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: key.h,v 1.10 2011/05/23 15:17:25 drochner Exp $ */ +/* $NetBSD: key.h,v 1.11 2011/06/09 19:54:18 drochner Exp $ */ /* $FreeBSD: src/sys/netipsec/key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */ /* $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $ */ @@ -92,7 +92,7 @@ int key_checktunnelsanity (struct secasvar *, u_int, void *, void *); int key_checkrequest (struct ipsecrequest *isr, const struct secasindex *); -struct secpolicy *key_msg2sp (struct sadb_x_policy *, size_t, int *); +struct secpolicy *key_msg2sp (const struct sadb_x_policy *, size_t, int *); struct mbuf *key_sp2msg (const struct secpolicy *); int key_ismyaddr (const struct sockaddr *); int key_cmpspidx_exactly (const struct secpolicyindex *, const struct secpolicyindex *);