Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet6/ip6_input.c,v
rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet6/ip6_input.c,v: warning: Unknown phrases like `commitid ...;' are present.
retrieving revision 1.73.2.2
retrieving revision 1.80
diff -u -p -r1.73.2.2 -r1.80
--- src/sys/netinet6/ip6_input.c	2006/05/24 02:37:15	1.73.2.2
+++ src/sys/netinet6/ip6_input.c	2005/12/11 12:25:02	1.80
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_input.c,v 1.73.2.2 2006/05/24 02:37:15 riz Exp $	*/
+/*	$NetBSD: ip6_input.c,v 1.80 2005/12/11 12:25:02 christos Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.73.2.2 2006/05/24 02:37:15 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.80 2005/12/11 12:25:02 christos Exp $");
 
 #include "opt_inet.h"
 #include "opt_ipsec.h"
@@ -112,11 +112,8 @@ __KERNEL_RCSID(0, "$NetBSD: ip6_input.c,
 
 #include <netinet6/ip6protosw.h>
 
-/* we need it for NLOOP. */
-#include "loop.h"
 #include "faith.h"
 #include "gif.h"
-#include "bpfilter.h"
 
 #if NGIF > 0
 #include <netinet6/in6_gif.h>
@@ -131,7 +128,6 @@ static int ip6qmaxlen = IFQ_MAXLEN;
 struct in6_ifaddr *in6_ifaddr;
 struct ifqueue ip6intrq;
 
-extern struct ifnet loif[NLOOP];
 int ip6_forward_srcrt;			/* XXX */
 int ip6_sourcecheck;			/* XXX */
 int ip6_sourcecheck_interval;		/* XXX */
@@ -154,16 +150,16 @@ static struct mbuf *ip6_pullexthdr __P((
 void
 ip6_init()
 {
-	struct ip6protosw *pr;
+	const struct ip6protosw *pr;
 	int i;
 
-	pr = (struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW);
+	pr = (const struct ip6protosw *)pffindproto(PF_INET6, IPPROTO_RAW, SOCK_RAW);
 	if (pr == 0)
 		panic("ip6_init");
 	for (i = 0; i < IPPROTO_MAX; i++)
 		ip6_protox[i] = pr - inet6sw;
-	for (pr = (struct ip6protosw *)inet6domain.dom_protosw;
-	    pr < (struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++)
+	for (pr = (const struct ip6protosw *)inet6domain.dom_protosw;
+	    pr < (const struct ip6protosw *)inet6domain.dom_protoswNPROTOSW; pr++)
 		if (pr->pr_domain->dom_family == PF_INET6 &&
 		    pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW)
 			ip6_protox[pr->pr_protocol] = pr - inet6sw;
@@ -248,7 +244,7 @@ ip6_input(m)
 #define M2MMAX	(sizeof(ip6stat.ip6s_m2m)/sizeof(ip6stat.ip6s_m2m[0]))
 		if (m->m_next) {
 			if (m->m_flags & M_LOOP) {
-				ip6stat.ip6s_m2m[loif[0].if_index]++; /* XXX */
+				ip6stat.ip6s_m2m[lo0ifp->if_index]++; /* XXX */
 			} else if (m->m_pkthdr.rcvif->if_index < M2MMAX)
 				ip6stat.ip6s_m2m[m->m_pkthdr.rcvif->if_index]++;
 			else
@@ -997,12 +993,6 @@ ip6_savecontrol(in6p, mp, ip6, m)
 	struct ip6_hdr *ip6;
 	struct mbuf *m;
 {
-	struct proc *p = curproc;	/* XXX */
-	int privileged;
-
-	privileged = 0;
-	if (p && !suser(p->p_ucred, &p->p_acflag))
-		privileged++;
 
 #ifdef SO_TIMESTAMP
 	if (in6p->in6p_socket->so_options & SO_TIMESTAMP) {
@@ -1015,11 +1005,6 @@ ip6_savecontrol(in6p, mp, ip6, m)
 			mp = &(*mp)->m_next;
 	}
 #endif
-
-       /* some OSes call this logic with IPv4 packet, for SO_TIMESTAMP */
-       if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION)
-               return;
-
 	if (in6p->in6p_flags & IN6P_RECVDSTADDR) {
 		*mp = sbcreatecontrol((caddr_t) &ip6->ip6_dst,
 		    sizeof(struct in6_addr), IPV6_RECVDSTADDR, IPPROTO_IPV6);
@@ -1060,12 +1045,13 @@ ip6_savecontrol(in6p, mp, ip6, m)
 	/* IN6P_NEXTHOP - for outgoing packet only */
 
 	/*
-	 * IPV6_HOPOPTS socket option. We require super-user privilege
-	 * for the option, but it might be too strict, since there might
-	 * be some hop-by-hop options which can be returned to normal user.
-	 * See RFC 2292 section 6.
+	 * IPV6_HOPOPTS socket option.  Recall that we required super-user
+	 * privilege for the option (see ip6_ctloutput), but it might be too
+	 * strict, since there might be some hop-by-hop options which can be
+	 * returned to normal user.
+	 * See also RFC 2292 section 6.
 	 */
-	if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0 && privileged) {
+	if ((in6p->in6p_flags & IN6P_HOPOPTS) != 0) {
 		/*
 		 * Check if a hop-by-hop options header is contatined in the
 		 * received packet, and if so, store the options as ancillary
@@ -1073,14 +1059,14 @@ ip6_savecontrol(in6p, mp, ip6, m)
 		 * just after the IPv6 header, which fact is assured through
 		 * the IPv6 input processing.
 		 */
-		struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
-		if (ip6->ip6_nxt == IPPROTO_HOPOPTS) {
+		struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);
+		if (xip6->ip6_nxt == IPPROTO_HOPOPTS) {
 			struct ip6_hbh *hbh;
 			int hbhlen;
 			struct mbuf *ext;
 
 			ext = ip6_pullexthdr(m, sizeof(struct ip6_hdr),
-			    ip6->ip6_nxt);
+			    xip6->ip6_nxt);
 			if (ext == NULL) {
 				ip6stat.ip6s_tooshort++;
 				return;
@@ -1109,8 +1095,8 @@ ip6_savecontrol(in6p, mp, ip6, m)
 
 	/* IPV6_DSTOPTS and IPV6_RTHDR socket options */
 	if (in6p->in6p_flags & (IN6P_DSTOPTS | IN6P_RTHDR)) {
-		struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
-		int nxt = ip6->ip6_nxt, off = sizeof(struct ip6_hdr);
+		struct ip6_hdr *xip6 = mtod(m, struct ip6_hdr *);
+		int nxt = xip6->ip6_nxt, off = sizeof(struct ip6_hdr);
 
 		/*
 		 * Search for destination options headers or routing
@@ -1160,14 +1146,6 @@ ip6_savecontrol(in6p, mp, ip6, m)
 				if (!in6p->in6p_flags & IN6P_DSTOPTS)
 					break;
 
-				/*
-				 * We also require super-user privilege for
-				 * the option.
-				 * See the comments on IN6_HOPOPTS.
-				 */
-				if (!privileged)
-					break;
-
 				*mp = sbcreatecontrol((caddr_t)ip6e, elen,
 				    IPV6_DSTOPTS, IPPROTO_IPV6);
 				if (*mp)
@@ -1499,12 +1477,6 @@ SYSCTL_SETUP(sysctl_net_inet6_ip6_setup,
 		       IPV6CTL_FORWSRCRT, CTL_EOL);
 	sysctl_createv(clog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_STRUCT, "stats", NULL,
-		       NULL, 0, &?, sizeof(?),
-		       CTL_NET, PF_INET6, IPPROTO_IPV6,
-		       IPV6CTL_STATS, CTL_EOL);
-	sysctl_createv(clog, 0, NULL, NULL,
-		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_STRUCT, "mrtstats", NULL,
 		       NULL, 0, &?, sizeof(?),
 		       CTL_NET, PF_INET6, IPPROTO_IPV6,
@@ -1602,7 +1574,7 @@ SYSCTL_SETUP(sysctl_net_inet6_ip6_setup,
 		       CTLFLAG_PERMANENT,
 		       CTLTYPE_STRING, "kame_version",
 		       SYSCTL_DESCR("KAME Version"),
-		       NULL, 0, __KAME_VERSION, 0,
+		       NULL, 0, __UNCONST(__KAME_VERSION), 0,
 		       CTL_NET, PF_INET6, IPPROTO_IPV6,
 		       IPV6CTL_KAME_VERSION, CTL_EOL);
 	sysctl_createv(clog, 0, NULL, NULL,
@@ -1669,4 +1641,11 @@ SYSCTL_SETUP(sysctl_net_inet6_ip6_setup,
 		       NULL, 0, &ip6_maxfrags, 0,
 		       CTL_NET, PF_INET6, IPPROTO_IPV6,
 		       IPV6CTL_MAXFRAGS, CTL_EOL);
+	sysctl_createv(clog, 0, NULL, NULL,
+		       CTLFLAG_PERMANENT,
+		       CTLTYPE_STRUCT, "stats",
+		       SYSCTL_DESCR("IPv6 statistics"),
+		       NULL, 0, &ip6stat, sizeof(ip6stat),
+		       CTL_NET, PF_INET6, IPPROTO_IPV6,
+		       IPV6CTL_STATS, CTL_EOL);
 }