Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/udp_usrreq.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/udp_usrreq.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.62 retrieving revision 1.66.4.6 diff -u -p -r1.62 -r1.66.4.6 --- src/sys/netinet/udp_usrreq.c 2000/02/29 16:21:56 1.62 +++ src/sys/netinet/udp_usrreq.c 2004/04/12 04:58:25 1.66.4.6 @@ -1,4 +1,4 @@ -/* $NetBSD: udp_usrreq.c,v 1.62 2000/02/29 16:21:56 itojun Exp $ */ +/* $NetBSD: udp_usrreq.c,v 1.66.4.6 2004/04/12 04:58:25 jmc Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -65,8 +65,7 @@ */ #include "opt_ipsec.h" - -#include "ipkdb.h" +#include "opt_ipkdb.h" #include #include @@ -111,6 +110,11 @@ #endif #endif +#include "faith.h" +#if defined(NFAITH) && NFAITH > 0 +#include +#endif + #include #ifdef IPSEC @@ -119,6 +123,10 @@ #include #endif /*IPSEC*/ +#ifdef IPKDB +#include +#endif + /* * UDP protocol implementation. * Per RFC 768, August, 1980. @@ -229,7 +237,7 @@ udp_input(m, va_alist) */ len = ntohs((u_int16_t)uh->uh_ulen); if (ip->ip_len != iphlen + len) { - if (ip->ip_len < iphlen + len) { + if (ip->ip_len < iphlen + len || len < sizeof(struct udphdr)) { udpstat.udps_badlen++; goto bad; } @@ -289,7 +297,7 @@ udp_input(m, va_alist) goto bad; } udpstat.udps_noport++; -#if NIPKDB > 0 +#ifdef IPKDB if (checkipkdb(&ip->ip_src, uh->uh_sport, uh->uh_dport, m, iphlen + sizeof(struct udphdr), m->m_pkthdr.len - iphlen - sizeof(struct udphdr))) { @@ -322,23 +330,21 @@ udp6_input(mp, offp, proto) struct udphdr *uh; u_int32_t plen, ulen; +#ifndef PULLDOWN_TEST + IP6_EXTHDR_CHECK(m, off, sizeof(struct udphdr), IPPROTO_DONE); +#endif + ip6 = mtod(m, struct ip6_hdr *); + #if defined(NFAITH) && 0 < NFAITH - if (m->m_pkthdr.rcvif) { - if (m->m_pkthdr.rcvif->if_type == IFT_FAITH) { - /* send icmp6 host unreach? */ - m_freem(m); - return IPPROTO_DONE; - } + if (faithprefix(&ip6->ip6_dst)) { + /* send icmp6 host unreach? */ + m_freem(m); + return IPPROTO_DONE; } #endif udp6stat.udp6s_ipackets++; -#ifndef PULLDOWN_TEST - IP6_EXTHDR_CHECK(m, off, sizeof(struct udphdr), IPPROTO_DONE); -#endif - - ip6 = mtod(m, struct ip6_hdr *); /* check for jumbogram is done in ip6_input. we can trust pkthdr.len */ plen = m->m_pkthdr.len - off; #ifndef PULLDOWN_TEST @@ -373,9 +379,11 @@ udp6_input(mp, offp, proto) /* * Checksum extended UDP header and data. */ - if (uh->uh_sum == 0) + if (uh->uh_sum == 0) { udp6stat.udp6s_nosum++; - else if (in6_cksum(m, IPPROTO_UDP, off, ulen) != 0) { + goto bad; + } + if (in6_cksum(m, IPPROTO_UDP, off, ulen) != 0) { udp6stat.udp6s_badsum++; goto bad; } @@ -551,7 +559,7 @@ udp4_realinput(src, dst, m, off) dst4 = &dst->sin_addr; dport = &dst->sin_port; - if (IN_MULTICAST(src4->s_addr) || + if (IN_MULTICAST(dst4->s_addr) || in_broadcast(*dst4, m->m_pkthdr.rcvif)) { struct inpcb *last; /* @@ -638,7 +646,7 @@ udp4_realinput(src, dst, m, off) goto bad; } udpstat.udps_noport++; -#if NIPKDB > 0 +#ifdef IPKDB if (checkipkdb(src4, *sport, *dport, m, off, m->m_pkthdr.len - off)) { /* @@ -669,7 +677,7 @@ bad: static int in6_mcmatch(in6p, ia6, ifp) struct in6pcb *in6p; - register struct in6_addr *ia6; + struct in6_addr *ia6; struct ifnet *ifp; { struct ip6_moptions *im6o = in6p->in6p_moptions; @@ -700,7 +708,7 @@ udp6_realinput(af, src, dst, m, off) u_int16_t *sport, *dport; int rcvcnt; struct in6_addr *src6, *dst6; - struct in_addr *src4; + struct in_addr *dst4; struct in6pcb *in6p; rcvcnt = 0; @@ -715,10 +723,10 @@ udp6_realinput(af, src, dst, m, off) sport = &src->sin6_port; dst6 = &dst->sin6_addr; dport = &dst->sin6_port; - src4 = (struct in_addr *)&src->sin6_addr.s6_addr32[12]; + dst4 = (struct in_addr *)&dst->sin6_addr.s6_addr32[12]; if (IN6_IS_ADDR_MULTICAST(dst6) - || (af == AF_INET && IN_MULTICAST(src4->s_addr))) { + || (af == AF_INET && IN_MULTICAST(dst4->s_addr))) { struct in6pcb *last; /* * Deliver a multicast or broadcast datagram to *all* sockets @@ -870,9 +878,9 @@ udp_input(m, va_alist) #endif { int proto; - register struct ip *ip; - register struct udphdr *uh; - register struct inpcb *inp; + struct ip *ip; + struct udphdr *uh; + struct inpcb *inp; struct mbuf *opts = 0; int len; struct ip save_ip; @@ -922,7 +930,7 @@ udp_input(m, va_alist) */ len = ntohs((u_int16_t)uh->uh_ulen); if (ip->ip_len != iphlen + len) { - if (ip->ip_len < iphlen + len) { + if (ip->ip_len < iphlen + len || len < sizeof(struct udphdr)) { udpstat.udps_badlen++; goto bad; } @@ -1090,7 +1098,7 @@ udp_input(m, va_alist) } udpstat.udps_noport++; *ip = save_ip; -#if NIPKDB > 0 +#ifdef IPKDB if (checkipkdb(&ip->ip_src, uh->uh_sport, uh->uh_dport, @@ -1141,7 +1149,7 @@ bad: */ static void udp_notify(inp, errno) - register struct inpcb *inp; + struct inpcb *inp; int errno; { @@ -1156,9 +1164,8 @@ udp_ctlinput(cmd, sa, v) struct sockaddr *sa; void *v; { - register struct ip *ip = v; - register struct udphdr *uh; - extern int inetctlerrmap[]; + struct ip *ip = v; + struct udphdr *uh; void (*notify) __P((struct inpcb *, int)) = udp_notify; int errno; @@ -1195,9 +1202,9 @@ udp_output(m, va_alist) va_dcl #endif { - register struct inpcb *inp; - register struct udpiphdr *ui; - register int len = m->m_pkthdr.len; + struct inpcb *inp; + struct udpiphdr *ui; + int len = m->m_pkthdr.len; int error = 0; va_list ap; @@ -1252,7 +1259,10 @@ udp_output(m, va_alist) udpstat.udps_opackets++; #ifdef IPSEC - m->m_pkthdr.rcvif = (struct ifnet *)inp->inp_socket; + if (ipsec_setsocket(m, inp->inp_socket) != 0) { + error = ENOBUFS; + goto release; + } #endif /*IPSEC*/ return (ip_output(m, inp->inp_options, &inp->inp_route, @@ -1276,9 +1286,9 @@ udp_usrreq(so, req, m, nam, control, p) struct mbuf *m, *nam, *control; struct proc *p; { - register struct inpcb *inp; + struct inpcb *inp; int s; - register int error = 0; + int error = 0; if (req == PRU_CONTROL) return (in_control(so, (long)m, (caddr_t)nam,