[BACK]Return to ip6_input.c CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / sys / netinet6

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/sys/netinet6/ip6_input.c between version 1.132.2.3 and 1.133

version 1.132.2.3, 2013/01/16 05:33:50 version 1.133, 2011/11/19 22:51:29
Line 103  __KERNEL_RCSID(0, "$NetBSD$");
Line 103  __KERNEL_RCSID(0, "$NetBSD$");
 #include <netinet/ip_icmp.h>  #include <netinet/ip_icmp.h>
 #endif /* INET */  #endif /* INET */
 #include <netinet/ip6.h>  #include <netinet/ip6.h>
 #include <netinet/portalgo.h>  
 #include <netinet6/in6_var.h>  #include <netinet6/in6_var.h>
 #include <netinet6/ip6_var.h>  #include <netinet6/ip6_var.h>
 #include <netinet6/ip6_private.h>  #include <netinet6/ip6_private.h>
Line 113  __KERNEL_RCSID(0, "$NetBSD$");
Line 112  __KERNEL_RCSID(0, "$NetBSD$");
 #include <netinet6/in6_ifattach.h>  #include <netinet6/in6_ifattach.h>
 #include <netinet6/nd6.h>  #include <netinet6/nd6.h>
   
   #ifdef IPSEC
   #include <netinet6/ipsec.h>
   #include <netinet6/ipsec_private.h>
   #endif
   
 #ifdef FAST_IPSEC  #ifdef FAST_IPSEC
 #include <netipsec/ipsec.h>  #include <netipsec/ipsec.h>
 #include <netipsec/ipsec6.h>  #include <netipsec/ipsec6.h>
Line 157  percpu_t *ip6stat_percpu;
Line 161  percpu_t *ip6stat_percpu;
 static void ip6_init2(void *);  static void ip6_init2(void *);
 static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *);  static struct m_tag *ip6_setdstifaddr(struct mbuf *, const struct in6_ifaddr *);
   
 static int ip6_process_hopopts(struct mbuf *, u_int8_t *, int, u_int32_t *,  static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *);
         u_int32_t *);  
 static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int);  static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int);
 static void sysctl_net_inet6_ip6_setup(struct sysctllog **);  static void sysctl_net_inet6_ip6_setup(struct sysctllog **);
   
Line 190  ip6_init(void)
Line 193  ip6_init(void)
         frag6_init();          frag6_init();
         ip6_desync_factor = cprng_fast32() % MAX_TEMP_DESYNC_FACTOR;          ip6_desync_factor = cprng_fast32() % MAX_TEMP_DESYNC_FACTOR;
   
         ip6_init2(NULL);          ip6_init2((void *)0);
 #ifdef GATEWAY  #ifdef GATEWAY
         ip6flow_init(ip6_hashsize);          ip6flow_init(ip6_hashsize);
 #endif  #endif
Line 276  ip6_input(struct mbuf *m)
Line 279  ip6_input(struct mbuf *m)
         int s, error;          int s, error;
 #endif  #endif
   
   #ifdef IPSEC
           /*
            * should the inner packet be considered authentic?
            * see comment in ah4_input().
            */
           m->m_flags &= ~M_AUTHIPHDR;
           m->m_flags &= ~M_AUTHIPDGM;
   #endif
   
         /*          /*
          * make sure we don't have onion peering information into m_tag.           * make sure we don't have onion peering information into m_tag.
          */           */
Line 339  ip6_input(struct mbuf *m)
Line 351  ip6_input(struct mbuf *m)
                 goto bad;                  goto bad;
         }          }
   
   #if defined(IPSEC)
           /* IPv6 fast forwarding is not compatible with IPsec. */
           m->m_flags &= ~M_CANFASTFWD;
   #else
         /*          /*
          * Assume that we can create a fast-forward IP flow entry           * Assume that we can create a fast-forward IP flow entry
          * based on this packet.           * based on this packet.
          */           */
         m->m_flags |= M_CANFASTFWD;          m->m_flags |= M_CANFASTFWD;
   #endif
   
 #ifdef PFIL_HOOKS  #ifdef PFIL_HOOKS
         /*          /*
Line 357  ip6_input(struct mbuf *m)
Line 374  ip6_input(struct mbuf *m)
          * let ipfilter look at packet on the wire,           * let ipfilter look at packet on the wire,
          * not the decapsulated packet.           * not the decapsulated packet.
          */           */
 #if defined(FAST_IPSEC)  #ifdef IPSEC
           if (!ipsec_getnhist(m))
   #elif defined(FAST_IPSEC)
         if (!ipsec_indone(m))          if (!ipsec_indone(m))
 #else  #else
         if (1)          if (1)
Line 766  ip6_input(struct mbuf *m)
Line 785  ip6_input(struct mbuf *m)
                         }                          }
                 }                  }
   
   #ifdef IPSEC
                   /*
                    * enforce IPsec policy checking if we are seeing last header.
                    * note that we do not visit this with protocols with pcb layer
                    * code - like udp/tcp/raw ip.
                    */
                   if ((inet6sw[ip6_protox[nxt]].pr_flags & PR_LASTHDR) != 0 &&
                       ipsec6_in_reject(m, NULL)) {
                           IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
                           goto bad;
                   }
   #endif
 #ifdef FAST_IPSEC  #ifdef FAST_IPSEC
         /*          /*
          * enforce IPsec policy checking if we are seeing last header.           * enforce IPsec policy checking if we are seeing last header.
Line 851  ip6_getdstifaddr(struct mbuf *m)
Line 882  ip6_getdstifaddr(struct mbuf *m)
  *   *
  * rtalertp - XXX: should be stored more smart way   * rtalertp - XXX: should be stored more smart way
  */   */
 int  static int
 ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp,  ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp,
         struct mbuf **mp, int *offp)          struct mbuf **mp, int *offp)
 {  {
Line 896  ip6_hopopts_input(u_int32_t *plenp, u_in
Line 927  ip6_hopopts_input(u_int32_t *plenp, u_in
  * (RFC2460 p7), opthead is pointer into data content in m, and opthead to   * (RFC2460 p7), opthead is pointer into data content in m, and opthead to
  * opthead + hbhlen is located in continuous memory region.   * opthead + hbhlen is located in continuous memory region.
  */   */
 static int  int
 ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,  ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
         u_int32_t *rtalertp, u_int32_t *plenp)          u_int32_t *rtalertp, u_int32_t *plenp)
 {  {
Line 1957  sysctl_net_inet6_ip6_setup(struct sysctl
Line 1988  sysctl_net_inet6_ip6_setup(struct sysctl
                         CTL_NET, PF_INET6, IPPROTO_IPV6,                          CTL_NET, PF_INET6, IPPROTO_IPV6,
                         CTL_CREATE, CTL_EOL);                          CTL_CREATE, CTL_EOL);
 #endif  #endif
         /* anonportalgo RFC6056 subtree */  
         const struct sysctlnode *portalgo_node;  
         sysctl_createv(clog, 0, NULL, &portalgo_node,  
                        CTLFLAG_PERMANENT,  
                        CTLTYPE_NODE, "anonportalgo",  
                        SYSCTL_DESCR("Anonymous port algorithm selection (RFC 6056)"),  
                        NULL, 0, NULL, 0,  
                        CTL_NET, PF_INET6, IPPROTO_IPV6, CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, &portalgo_node, NULL,  
                        CTLFLAG_PERMANENT,  
                        CTLTYPE_STRING, "available",  
                        SYSCTL_DESCR("available algorithms"),  
                        sysctl_portalgo_available, 0, NULL, PORTALGO_MAXLEN,  
                        CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, &portalgo_node, NULL,  
                        CTLFLAG_PERMANENT|CTLFLAG_READWRITE,  
                        CTLTYPE_STRING, "selected",  
                        SYSCTL_DESCR("selected algorithm"),  
                        sysctl_portalgo_selected6, 0, NULL, PORTALGO_MAXLEN,  
                        CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, &portalgo_node, NULL,  
                        CTLFLAG_PERMANENT|CTLFLAG_READWRITE,  
                        CTLTYPE_STRUCT, "reserve",  
                        SYSCTL_DESCR("bitmap of reserved ports"),  
                        sysctl_portalgo_reserve6, 0, NULL, 0,  
                        CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, NULL, NULL,  
                        CTLFLAG_PERMANENT|CTLFLAG_READWRITE,  
                        CTLTYPE_INT, "neighborgcthresh",  
                        SYSCTL_DESCR("Maximum number of entries in neighbor"  
                         " cache"),  
                        NULL, 1, &ip6_neighborgcthresh, 0,  
                        CTL_NET, PF_INET6, IPPROTO_IPV6,  
                        CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, NULL, NULL,  
                        CTLFLAG_PERMANENT|CTLFLAG_READWRITE,  
                        CTLTYPE_INT, "maxifprefixes",  
                        SYSCTL_DESCR("Maximum number of prefixes created by"  
                            " route advertisement per interface"),  
                        NULL, 1, &ip6_maxifprefixes, 0,  
                        CTL_NET, PF_INET6, IPPROTO_IPV6,  
                        CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, NULL, NULL,  
                        CTLFLAG_PERMANENT|CTLFLAG_READWRITE,  
                        CTLTYPE_INT, "maxifdefrouters",  
                        SYSCTL_DESCR("Maximum number of default routers created"  
                            " by route advertisement per interface"),  
                        NULL, 1, &ip6_maxifdefrouters, 0,  
                        CTL_NET, PF_INET6, IPPROTO_IPV6,  
                        CTL_CREATE, CTL_EOL);  
         sysctl_createv(clog, 0, NULL, NULL,  
                        CTLFLAG_PERMANENT|CTLFLAG_READWRITE,  
                        CTLTYPE_INT, "maxdynroutes",  
                        SYSCTL_DESCR("Maximum number of routes created via"  
                            " redirect"),  
                        NULL, 1, &ip6_maxdynroutes, 0,  
                        CTL_NET, PF_INET6, IPPROTO_IPV6,  
                        CTL_CREATE, CTL_EOL);  
 }  }
   
 void  void

Legend:
Removed from v.1.132.2.3  
changed lines
  Added in v.1.133

CVSweb <webmaster@jp.NetBSD.org>