netipsec

Maxime Villard Wed, 21 Feb 2018 08:38:25 -0800

Module Name:    src
Committed By:   maxv
Date:           Wed Feb 21 16:38:15 UTC 2018


Modified Files:
        src/sys/netipsec: ipsec.c

Log Message:
Use inpcb_hdr to reduce the diff between:

        ipsec4_hdrsiz      and ipsec6_hdrsiz
        ipsec4_in_reject   and ipsec6_in_reject
        ipsec4_checkpolicy and ipsec4_checkpolicy

The members of these couples are now identical, and could be merged,
giving only three functions instead of six...


To generate a diff of this commit:
cvs rdiff -u -r1.132 -r1.133 src/sys/netipsec/ipsec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.132 src/sys/netipsec/ipsec.c:1.133
--- src/sys/netipsec/ipsec.c:1.132	Wed Feb 21 16:18:52 2018
+++ src/sys/netipsec/ipsec.c	Wed Feb 21 16:38:15 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.132 2018/02/21 16:18:52 maxv Exp $ */
+/* $NetBSD: ipsec.c,v 1.133 2018/02/21 16:38:15 maxv Exp $ */
 /* $FreeBSD: src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
 /* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.132 2018/02/21 16:18:52 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.133 2018/02/21 16:38:15 maxv Exp $");
 
 /*
  * IPsec controller part.
@@ -584,8 +584,9 @@ ipsec4_checkpolicy(struct mbuf *m, u_int
 	if (inp == NULL) {
 		sp = ipsec_getpolicybyaddr(m, dir, flag, error);
 	} else {
-		KASSERT(inp->inp_socket != NULL);
-		sp = ipsec_getpolicybysock(m, dir, (struct inpcb_hdr *)inp, error);
+		struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
+		KASSERT(inph->inph_socket != NULL);
+		sp = ipsec_getpolicybysock(m, dir, inph, error);
 	}
 	if (sp == NULL) {
 		KASSERTMSG(*error != 0, "getpolicy failed w/o error");
@@ -813,8 +814,9 @@ ipsec6_checkpolicy(struct mbuf *m, u_int
 	if (in6p == NULL) {
 		sp = ipsec_getpolicybyaddr(m, dir, flag, error);
 	} else {
-		KASSERT(in6p->in6p_socket != NULL);
-		sp = ipsec_getpolicybysock(m, dir, (struct inpcb_hdr *)in6p, error);
+		struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
+		KASSERT(inph->inph_socket != NULL);
+		sp = ipsec_getpolicybysock(m, dir, inph, error);
 	}
 	if (sp == NULL) {
 		KASSERTMSG(*error != 0, "getpolicy failed w/o error");
@@ -834,7 +836,7 @@ ipsec6_checkpolicy(struct mbuf *m, u_int
 	case IPSEC_POLICY_BYPASS:
 	case IPSEC_POLICY_NONE:
 		KEY_SP_UNREF(&sp);
-		sp = NULL;	  /* NB: force NULL result */
+		sp = NULL;		/* NB: force NULL result */
 		break;
 	case IPSEC_POLICY_IPSEC:
 		KASSERT(sp->req != NULL);
@@ -1753,18 +1755,19 @@ ipsec_sp_reject(const struct secpolicy *
 int
 ipsec4_in_reject(struct mbuf *m, struct inpcb *inp)
 {
+	struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
 	struct secpolicy *sp;
 	int error;
 	int result;
 
 	KASSERT(m != NULL);
 
-	if (inp == NULL)
+	if (inph == NULL)
 		sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
 		    IP_FORWARDING, &error);
 	else
 		sp = ipsec_getpolicybysock(m, IPSEC_DIR_INBOUND,
-		    (struct inpcb_hdr *)inp, &error);
+		    inph, &error);
 
 	if (sp != NULL) {
 		result = ipsec_sp_reject(sp, m);
@@ -1786,18 +1789,19 @@ ipsec4_in_reject(struct mbuf *m, struct 
 int
 ipsec6_in_reject(struct mbuf *m, struct in6pcb *in6p)
 {
+	struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
 	struct secpolicy *sp;
 	int error;
 	int result;
 
 	KASSERT(m != NULL);
 
-	if (in6p == NULL)
+	if (inph == NULL)
 		sp = ipsec_getpolicybyaddr(m, IPSEC_DIR_INBOUND,
 		    IP_FORWARDING, &error);
 	else
 		sp = ipsec_getpolicybysock(m, IPSEC_DIR_INBOUND,
-		    (struct inpcb_hdr *)in6p, &error);
+		    inph, &error);
 
 	if (sp != NULL) {
 		result = ipsec_sp_reject(sp, m);
@@ -1890,25 +1894,26 @@ ipsec_sp_hdrsiz(const struct secpolicy *
 size_t
 ipsec4_hdrsiz(struct mbuf *m, u_int dir, struct inpcb *inp)
 {
+	struct inpcb_hdr *inph = (struct inpcb_hdr *)inp;
 	struct secpolicy *sp;
 	int error;
 	size_t size;
 
 	KASSERT(m != NULL);
-	KASSERTMSG(inp == NULL || inp->inp_socket != NULL, "socket w/o inpcb");
+	KASSERTMSG(inph == NULL || inph->inph_socket != NULL,
+	    "socket w/o inpcb");
 
-	if (inp == NULL)
+	if (inph == NULL)
 		sp = ipsec_getpolicybyaddr(m, dir, IP_FORWARDING, &error);
 	else
-		sp = ipsec_getpolicybysock(m, dir,
-		    (struct inpcb_hdr *)inp, &error);
+		sp = ipsec_getpolicybysock(m, dir, inph, &error);
 
 	if (sp != NULL) {
 		size = ipsec_sp_hdrsiz(sp, m);
 		KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_DATA, "size:%zu.\n", size);
 		KEY_SP_UNREF(&sp);
 	} else {
-		size = 0;	/* XXX should be panic ? */
+		size = 0;
 	}
 
 	return size;
@@ -1918,19 +1923,19 @@ ipsec4_hdrsiz(struct mbuf *m, u_int dir,
 size_t
 ipsec6_hdrsiz(struct mbuf *m, u_int dir, struct in6pcb *in6p)
 {
+	struct inpcb_hdr *inph = (struct inpcb_hdr *)in6p;
 	struct secpolicy *sp;
 	int error;
 	size_t size;
 
 	KASSERT(m != NULL);
-	KASSERTMSG(in6p == NULL || in6p->in6p_socket != NULL,
+	KASSERTMSG(inph == NULL || inph->inph_socket != NULL,
 	    "socket w/o inpcb");
 
-	if (in6p == NULL)
+	if (inph == NULL)
 		sp = ipsec_getpolicybyaddr(m, dir, IP_FORWARDING, &error);
 	else
-		sp = ipsec_getpolicybysock(m, dir,
-		    (struct inpcb_hdr *)in6p, &error);
+		sp = ipsec_getpolicybysock(m, dir, inph, &error);
 
 	if (sp != NULL) {
 		size = ipsec_sp_hdrsiz(sp, m);

CVS commit: src/sys/netipsec

Reply via email to