Module Name: src
Committed By: drochner
Date: Thu Jun 9 19:54:18 UTC 2011
Modified Files:
src/sys/net: pfkeyv2.h
src/sys/netipsec: ipsec.c ipsec.h ipsec6.h key.c key.h
Log Message:
more "const"
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 src/sys/net/pfkeyv2.h
cvs rdiff -u -r1.54 -r1.55 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.28 -r1.29 src/sys/netipsec/ipsec.h
cvs rdiff -u -r1.12 -r1.13 src/sys/netipsec/ipsec6.h
cvs rdiff -u -r1.72 -r1.73 src/sys/netipsec/key.c
cvs rdiff -u -r1.10 -r1.11 src/sys/netipsec/key.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/pfkeyv2.h
diff -u src/sys/net/pfkeyv2.h:1.29 src/sys/net/pfkeyv2.h:1.30
--- src/sys/net/pfkeyv2.h:1.29 Thu May 26 21:50:02 2011
+++ src/sys/net/pfkeyv2.h Thu Jun 9 19:54:18 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: pfkeyv2.h,v 1.29 2011/05/26 21:50:02 drochner Exp $ */
+/* $NetBSD: pfkeyv2.h,v 1.30 2011/06/09 19:54:18 drochner Exp $ */
/* $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $ */
/*
@@ -430,11 +430,11 @@
/* Utilities */
#define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1)))
#define PFKEY_EXTLEN(msg) \
- PFKEY_UNUNIT64(((struct sadb_ext *)(void *)(msg))->sadb_ext_len)
+ PFKEY_UNUNIT64(((const struct sadb_ext *)(const void *)(msg))->sadb_ext_len)
#define PFKEY_ADDR_PREFIX(ext) \
- (((struct sadb_address *)(void *)(ext))->sadb_address_prefixlen)
+ (((const struct sadb_address *)(const void *)(ext))->sadb_address_prefixlen)
#define PFKEY_ADDR_PROTO(ext) \
- (((struct sadb_address *)(void *)(ext))->sadb_address_proto)
+ (((const struct sadb_address *)(const void *)(ext))->sadb_address_proto)
#define PFKEY_ADDR_SADDR(ext) \
((struct sockaddr *)(void *)((char *)(void *)(ext) + \
sizeof(struct sadb_address)))
Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.54 src/sys/netipsec/ipsec.c:1.55
--- src/sys/netipsec/ipsec.c:1.54 Wed Jun 8 16:24:50 2011
+++ src/sys/netipsec/ipsec.c Thu Jun 9 19:54:18 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.54 2011/06/08 16:24:50 dyoung Exp $ */
+/* $NetBSD: ipsec.c,v 1.55 2011/06/09 19:54:18 drochner Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.54 2011/06/08 16:24:50 dyoung Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.55 2011/06/09 19:54:18 drochner Exp $");
/*
* IPsec controller part.
@@ -242,11 +242,11 @@
#endif
static void ipsec_delpcbpolicy (struct inpcbpolicy *);
static struct secpolicy *ipsec_deepcopy_policy (const struct secpolicy *);
-static int ipsec_set_policy (struct secpolicy **,int , void *, size_t ,
- kauth_cred_t );
+static int ipsec_set_policy (struct secpolicy **, int, const void *, size_t,
+ kauth_cred_t);
static int ipsec_get_policy (struct secpolicy *, struct mbuf **);
static void vshiftl (unsigned char *, int, int);
-static size_t ipsec_hdrsiz (struct secpolicy *);
+static size_t ipsec_hdrsiz (const struct secpolicy *);
#ifdef __NetBSD__
/*
@@ -481,7 +481,7 @@
* NOTE: IPv6 mapped address concern is implemented here.
*/
struct secpolicy *
-ipsec_getpolicy(struct tdb_ident *tdbi, u_int dir)
+ipsec_getpolicy(const struct tdb_ident *tdbi, u_int dir)
{
struct secpolicy *sp;
@@ -785,7 +785,7 @@
#endif /* INET6 */
static int
-ipsec4_setspidx_inpcb(struct mbuf *m ,struct inpcb *pcb)
+ipsec4_setspidx_inpcb(struct mbuf *m, struct inpcb *pcb)
{
int error;
@@ -1224,7 +1224,7 @@
ipsec_deepcopy_policy(const struct secpolicy *src)
{
struct ipsecrequest *newchain = NULL;
- struct ipsecrequest *p;
+ const struct ipsecrequest *p;
struct ipsecrequest **q;
struct ipsecrequest *r;
struct secpolicy *dst;
@@ -1268,10 +1268,9 @@
return dst;
fail:
- for (p = newchain; p; p = r) {
- r = p->next;
- free(p, M_SECA);
- p = NULL;
+ for (q = &newchain; *q; q = &r) {
+ r = (*q)->next;
+ free(*q, M_SECA);
}
return NULL;
}
@@ -1281,12 +1280,12 @@
ipsec_set_policy(
struct secpolicy **pcb_sp,
int optname,
- void *request,
+ const void *request,
size_t len,
kauth_cred_t cred
)
{
- struct sadb_x_policy *xpl;
+ const struct sadb_x_policy *xpl;
struct secpolicy *newsp = NULL;
int error;
@@ -1295,11 +1294,11 @@
return EINVAL;
if (len < sizeof(*xpl))
return EINVAL;
- xpl = (struct sadb_x_policy *)request;
+ xpl = (const struct sadb_x_policy *)request;
KEYDEBUG(KEYDEBUG_IPSEC_DUMP,
printf("ipsec_set_policy: passed policy\n");
- kdebug_sadb_x_policy((struct sadb_ext *)xpl));
+ kdebug_sadb_x_policy((const struct sadb_ext *)xpl));
/* check policy type */
/* ipsec_set_policy() accepts IPSEC, ENTRUST and BYPASS. */
@@ -1354,10 +1353,10 @@
}
int
-ipsec4_set_policy(struct inpcb *inp, int optname ,void *request,
+ipsec4_set_policy(struct inpcb *inp, int optname, const void *request,
size_t len, kauth_cred_t cred)
{
- struct sadb_x_policy *xpl;
+ const struct sadb_x_policy *xpl;
struct secpolicy **pcb_sp;
/* sanity check. */
@@ -1365,7 +1364,7 @@
return EINVAL;
if (len < sizeof(*xpl))
return EINVAL;
- xpl = (struct sadb_x_policy *)request;
+ xpl = (const struct sadb_x_policy *)request;
IPSEC_ASSERT(inp->inp_sp != NULL,
("ipsec4_set_policy(): null inp->in_sp"));
@@ -1388,10 +1387,10 @@
}
int
-ipsec4_get_policy(struct inpcb *inp, void *request, size_t len,
+ipsec4_get_policy(struct inpcb *inp, const void *request, size_t len,
struct mbuf **mp)
{
- struct sadb_x_policy *xpl;
+ const struct sadb_x_policy *xpl;
struct secpolicy *pcb_sp;
/* sanity check. */
@@ -1400,7 +1399,7 @@
IPSEC_ASSERT(inp->inp_sp != NULL, ("ipsec4_get_policy: null inp_sp"));
if (len < sizeof(*xpl))
return EINVAL;
- xpl = (struct sadb_x_policy *)request;
+ xpl = (const struct sadb_x_policy *)request;
/* select direction */
switch (xpl->sadb_x_policy_dir) {
@@ -1446,10 +1445,10 @@
#ifdef INET6
int
-ipsec6_set_policy(struct in6pcb *in6p, int optname, void *request,
+ipsec6_set_policy(struct in6pcb *in6p, int optname, const void *request,
size_t len, kauth_cred_t cred)
{
- struct sadb_x_policy *xpl;
+ const struct sadb_x_policy *xpl;
struct secpolicy **pcb_sp;
/* sanity check. */
@@ -1457,7 +1456,7 @@
return EINVAL;
if (len < sizeof(*xpl))
return EINVAL;
- xpl = (struct sadb_x_policy *)request;
+ xpl = (const struct sadb_x_policy *)request;
/* select direction */
switch (xpl->sadb_x_policy_dir) {
@@ -1477,10 +1476,10 @@
}
int
-ipsec6_get_policy(struct in6pcb *in6p, void *request, size_t len,
+ipsec6_get_policy(struct in6pcb *in6p, const void *request, size_t len,
struct mbuf **mp)
{
- struct sadb_x_policy *xpl;
+ const struct sadb_x_policy *xpl;
struct secpolicy *pcb_sp;
/* sanity check. */
@@ -1489,7 +1488,7 @@
IPSEC_ASSERT(in6p->in6p_sp != NULL, ("ipsec6_get_policy: null in6p_sp"));
if (len < sizeof(*xpl))
return EINVAL;
- xpl = (struct sadb_x_policy *)request;
+ xpl = (const struct sadb_x_policy *)request;
/* select direction */
switch (xpl->sadb_x_policy_dir) {
@@ -1795,9 +1794,9 @@
* NOTE: SP passed is free in this function.
*/
static size_t
-ipsec_hdrsiz(struct secpolicy *sp)
+ipsec_hdrsiz(const struct secpolicy *sp)
{
- struct ipsecrequest *isr;
+ const struct ipsecrequest *isr;
size_t siz;
KEYDEBUG(KEYDEBUG_IPSEC_DATA,
@@ -1843,7 +1842,7 @@
default:
ipseclog((LOG_ERR, "ipsec_hdrsiz: "
"unknown AF %d in IPsec tunnel SA\n",
- ((struct sockaddr *)&isr->saidx.dst)->sa_family));
+ ((const struct sockaddr *)&isr->saidx.dst)->sa_family));
break;
}
}
Index: src/sys/netipsec/ipsec.h
diff -u src/sys/netipsec/ipsec.h:1.28 src/sys/netipsec/ipsec.h:1.29
--- src/sys/netipsec/ipsec.h:1.28 Wed Jun 8 16:24:50 2011
+++ src/sys/netipsec/ipsec.h Thu Jun 9 19:54:18 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.h,v 1.28 2011/06/08 16:24:50 dyoung Exp $ */
+/* $NetBSD: ipsec.h,v 1.29 2011/06/09 19:54:18 drochner Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $ */
@@ -249,7 +249,7 @@
#endif /* __NetBSD__ */
struct tdb_ident;
-struct secpolicy *ipsec_getpolicy (struct tdb_ident*, u_int);
+struct secpolicy *ipsec_getpolicy (const struct tdb_ident*, u_int);
struct inpcb;
struct secpolicy *ipsec4_checkpolicy (struct mbuf *, u_int, u_int,
int *, struct inpcb *);
@@ -286,8 +286,8 @@
u_int ipsec_get_reqlevel (const struct ipsecrequest *);
int ipsec_in_reject (const struct secpolicy *, const struct mbuf *);
-int ipsec4_set_policy (struct inpcb *, int, void *, size_t, kauth_cred_t);
-int ipsec4_get_policy (struct inpcb *, void *, size_t, struct mbuf **);
+int ipsec4_set_policy (struct inpcb *, int, const void *, size_t, kauth_cred_t);
+int ipsec4_get_policy (struct inpcb *, const void *, size_t, struct mbuf **);
int ipsec4_delete_pcbpolicy (struct inpcb *);
int ipsec4_in_reject (struct mbuf *, struct inpcb *);
/*
Index: src/sys/netipsec/ipsec6.h
diff -u src/sys/netipsec/ipsec6.h:1.12 src/sys/netipsec/ipsec6.h:1.13
--- src/sys/netipsec/ipsec6.h:1.12 Sun May 10 02:13:07 2009
+++ src/sys/netipsec/ipsec6.h Thu Jun 9 19:54:18 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec6.h,v 1.12 2009/05/10 02:13:07 elad Exp $ */
+/* $NetBSD: ipsec6.h,v 1.13 2011/06/09 19:54:18 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/ipsec6.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */
/* $KAME: ipsec.h,v 1.44 2001/03/23 08:08:47 itojun Exp $ */
@@ -62,8 +62,8 @@
#define key_freesp(_x) KEY_FREESP(&_x)
int ipsec6_delete_pcbpolicy (struct in6pcb *);
-int ipsec6_set_policy (struct in6pcb *, int, void *, size_t, kauth_cred_t);
-int ipsec6_get_policy (struct in6pcb *, void *, size_t, struct mbuf **);
+int ipsec6_set_policy (struct in6pcb *, int, const void *, size_t, kauth_cred_t);
+int ipsec6_get_policy (struct in6pcb *, const void *, size_t, struct mbuf **);
struct secpolicy *ipsec6_checkpolicy (struct mbuf *, u_int,
u_int, int *, struct in6pcb *);
struct secpolicy * ipsec6_check_policy(struct mbuf *,
Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.72 src/sys/netipsec/key.c:1.73
--- src/sys/netipsec/key.c:1.72 Mon Jun 6 16:48:35 2011
+++ src/sys/netipsec/key.c Thu Jun 9 19:54:18 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.72 2011/06/06 16:48:35 drochner Exp $ */
+/* $NetBSD: key.c,v 1.73 2011/06/09 19:54:18 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.72 2011/06/06 16:48:35 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.73 2011/06/09 19:54:18 drochner Exp $");
/*
* This code is referd to RFC 2367
@@ -1428,7 +1428,7 @@
* so must be set properly later.
*/
struct secpolicy *
-key_msg2sp(struct sadb_x_policy *xpl0, size_t len, int *error)
+key_msg2sp(const struct sadb_x_policy *xpl0, size_t len, int *error)
{
struct secpolicy *newsp;
@@ -1463,7 +1463,8 @@
case IPSEC_POLICY_IPSEC:
{
int tlen;
- struct sadb_x_ipsecrequest *xisr;
+ const struct sadb_x_ipsecrequest *xisr;
+ uint16_t xisr_reqid;
struct ipsecrequest **p_isr = &newsp->req;
/* validity check */
@@ -1476,7 +1477,7 @@
}
tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
- xisr = (struct sadb_x_ipsecrequest *)(xpl0 + 1);
+ xisr = (const struct sadb_x_ipsecrequest *)(xpl0 + 1);
while (tlen > 0) {
/* length check */
@@ -1538,22 +1539,22 @@
case IPSEC_LEVEL_REQUIRE:
break;
case IPSEC_LEVEL_UNIQUE:
+ xisr_reqid = xisr->sadb_x_ipsecrequest_reqid;
/* validity check */
/*
* If range violation of reqid, kernel will
* update it, don't refuse it.
*/
- if (xisr->sadb_x_ipsecrequest_reqid
- > IPSEC_MANUAL_REQID_MAX) {
+ if (xisr_reqid > IPSEC_MANUAL_REQID_MAX) {
ipseclog((LOG_DEBUG,
"key_msg2sp: reqid=%d range "
"violation, updated by kernel.\n",
- xisr->sadb_x_ipsecrequest_reqid));
- xisr->sadb_x_ipsecrequest_reqid = 0;
+ xisr_reqid));
+ xisr_reqid = 0;
}
/* allocate new reqid id if reqid is zero. */
- if (xisr->sadb_x_ipsecrequest_reqid == 0) {
+ if (xisr_reqid == 0) {
u_int16_t reqid;
if ((reqid = key_newreqid()) == 0) {
KEY_FREESP(&newsp);
@@ -1561,11 +1562,9 @@
return NULL;
}
(*p_isr)->saidx.reqid = reqid;
- xisr->sadb_x_ipsecrequest_reqid = reqid;
} else {
/* set it for manual keying. */
- (*p_isr)->saidx.reqid =
- xisr->sadb_x_ipsecrequest_reqid;
+ (*p_isr)->saidx.reqid = xisr_reqid;
}
break;
@@ -1580,9 +1579,9 @@
/* set IP addresses if there */
if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
- struct sockaddr *paddr;
+ const struct sockaddr *paddr;
- paddr = (struct sockaddr *)(xisr + 1);
+ paddr = (const struct sockaddr *)(xisr + 1);
/* validity check */
if (paddr->sa_len
@@ -1595,7 +1594,7 @@
}
memcpy(&(*p_isr)->saidx.src, paddr, paddr->sa_len);
- paddr = (struct sockaddr *)((char *)paddr
+ paddr = (const struct sockaddr *)((const char *)paddr
+ paddr->sa_len);
/* validity check */
@@ -1625,7 +1624,7 @@
return NULL;
}
- xisr = (struct sadb_x_ipsecrequest *)((char *)xisr
+ xisr = (const struct sadb_x_ipsecrequest *)((const char *)xisr
+ xisr->sadb_x_ipsecrequest_len);
}
}
@@ -1817,9 +1816,10 @@
key_spdadd(struct socket *so, struct mbuf *m,
const struct sadb_msghdr *mhp)
{
- struct sadb_address *src0, *dst0;
- struct sadb_x_policy *xpl0, *xpl;
- struct sadb_lifetime *lft = NULL;
+ const struct sadb_address *src0, *dst0;
+ const struct sadb_x_policy *xpl0;
+ struct sadb_x_policy *xpl;
+ const struct sadb_lifetime *lft = NULL;
struct secpolicyindex spidx;
struct secpolicy *newsp;
int error;
@@ -1932,13 +1932,13 @@
&newsp->spidx);
/* sanity check on addr pair */
- if (((struct sockaddr *)(src0 + 1))->sa_family !=
- ((struct sockaddr *)(dst0+ 1))->sa_family) {
+ if (((const struct sockaddr *)(src0 + 1))->sa_family !=
+ ((const struct sockaddr *)(dst0+ 1))->sa_family) {
KFREE(newsp);
return key_senderror(so, m, EINVAL);
}
- if (((struct sockaddr *)(src0 + 1))->sa_len !=
- ((struct sockaddr *)(dst0+ 1))->sa_len) {
+ if (((const struct sockaddr *)(src0 + 1))->sa_len !=
+ ((const struct sockaddr *)(dst0+ 1))->sa_len) {
KFREE(newsp);
return key_senderror(so, m, EINVAL);
}
Index: src/sys/netipsec/key.h
diff -u src/sys/netipsec/key.h:1.10 src/sys/netipsec/key.h:1.11
--- src/sys/netipsec/key.h:1.10 Mon May 23 15:17:25 2011
+++ src/sys/netipsec/key.h Thu Jun 9 19:54:18 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: key.h,v 1.10 2011/05/23 15:17:25 drochner Exp $ */
+/* $NetBSD: key.h,v 1.11 2011/06/09 19:54:18 drochner Exp $ */
/* $FreeBSD: src/sys/netipsec/key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $ */
@@ -92,7 +92,7 @@
int key_checktunnelsanity (struct secasvar *, u_int, void *, void *);
int key_checkrequest (struct ipsecrequest *isr, const struct secasindex *);
-struct secpolicy *key_msg2sp (struct sadb_x_policy *, size_t, int *);
+struct secpolicy *key_msg2sp (const struct sadb_x_policy *, size_t, int *);
struct mbuf *key_sp2msg (const struct secpolicy *);
int key_ismyaddr (const struct sockaddr *);
int key_cmpspidx_exactly (const struct secpolicyindex *, const struct secpolicyindex *);
