-/* $OpenBSD: ip_ah.c,v 1.154 2021/07/27 17:13:03 mvs Exp $ */
+/* $OpenBSD: ip_ah.c,v 1.155 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
* AH output routine, called by ipsp_process_packet().
*/
int
-ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
- int protoff)
+ah_output(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
const struct auth_hash *ahx = tdb->tdb_authalgxform;
struct cryptodesc *crda;
-/* $OpenBSD: ip_esp.c,v 1.172 2021/07/27 17:13:03 mvs Exp $ */
+/* $OpenBSD: ip_esp.c,v 1.173 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
* ESP output routine, called by ipsp_process_packet().
*/
int
-esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
- int protoff)
+esp_output(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
const struct enc_xform *espx = tdb->tdb_encalgxform;
const struct auth_hash *esph = tdb->tdb_authalgxform;
-/* $OpenBSD: ip_ipcomp.c,v 1.74 2021/07/27 17:13:03 mvs Exp $ */
+/* $OpenBSD: ip_ipcomp.c,v 1.75 2021/10/13 14:36:31 bluhm Exp $ */
/*
* Copyright (c) 2001 Jean-Jacques Bernard-Gundol (jj@wabbitt.org)
* IPComp output routine, called by ipsp_process_packet()
*/
int
-ipcomp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
- int protoff)
+ipcomp_output(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
const struct comp_algo *ipcompx = tdb->tdb_compalgxform;
int error, hlen;
-/* $OpenBSD: ip_ipip.c,v 1.94 2021/10/05 11:45:26 bluhm Exp $ */
+/* $OpenBSD: ip_ipip.c,v 1.95 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
}
int
-ipip_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int dummy,
- int dummy2)
+ipip_output(struct mbuf **mp, struct tdb *tdb)
{
+ struct mbuf *m = *mp;
u_int8_t tp, otos, itos;
u_int64_t obytes;
struct ip *ipo;
goto drop;
}
- M_PREPEND(m, sizeof(struct ip), M_DONTWAIT);
- if (m == NULL) {
+ M_PREPEND(*mp, sizeof(struct ip), M_DONTWAIT);
+ if (*mp == NULL) {
DPRINTF("M_PREPEND failed");
ipipstat_inc(ipips_hdrops);
error = ENOBUFS;
goto drop;
}
+ m = *mp;
ipo = mtod(m, struct ip *);
ip6->ip6_dst.s6_addr16[1] = 0;
}
- M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT);
- if (m == NULL) {
+ M_PREPEND(*mp, sizeof(struct ip6_hdr), M_DONTWAIT);
+ if (*mp == NULL) {
DPRINTF("M_PREPEND failed");
ipipstat_inc(ipips_hdrops);
error = ENOBUFS;
goto drop;
}
+ m = *mp;
/* Initialize IPv6 header */
ip6o = mtod(m, struct ip6_hdr *);
goto drop;
}
- *mp = m;
ipipstat_pkt(ipips_opackets, ipips_obytes, obytes);
return 0;
drop:
- m_freem(m);
- *mp = NULL;
+ m_freemp(mp);
return error;
}
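Review bot: ipip_output() now holds two handles on the same chain, the caller's `*mp` and the local `m`, and only the two M_PREPEND sites visibly re-sync them with `m = *mp;`. The drop label frees through `m_freemp(mp)`, so any step that replaces or frees `m` without writing `*mp` back would leave the caller and the drop path holding a stale pointer. The body between the visible hunks is outside this view, so whether such a step exists needs to be confirmed there. The function comment should also state the ownership contract, for example `/* On success *mp is the (possibly new) chain head; on error the chain has been freed and *mp is NULL. */`.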
-/* $OpenBSD: ip_ipip.h,v 1.12 2021/10/05 11:45:26 bluhm Exp $ */
+/* $OpenBSD: ip_ipip.h,v 1.13 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
void ipip_init(void);
int ipip_input(struct mbuf **, int *, int, int);
int ipip_input_if(struct mbuf **, int *, int, int, struct ifnet *);
-int ipip_output(struct mbuf *, struct tdb *, struct mbuf **, int, int);
+int ipip_output(struct mbuf **, struct tdb *);
int ipip_sysctl(int *, u_int, void *, size_t *, void *, size_t);
extern int ipip_allow;
-/* $OpenBSD: ip_ipsp.c,v 1.245 2021/09/29 22:08:13 bluhm Exp $ */
+/* $OpenBSD: ip_ipsp.c,v 1.246 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr),
.xf_init = ipe4_init,
.xf_zeroize = ipe4_zeroize,
.xf_input = ipe4_input,
- .xf_output = ipip_output,
+ .xf_output = NULL,
},
{
.xf_type = XF_AH,
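Review bot: With `.xf_output = NULL` in the XF_IP4 entry, the indirect call `(*(tdb->tdb_xform->xf_output))(m, tdb, hlen, off)` in ipsp_process_packet() is kept safe only by the `xf_type == XF_IP4` early return placed before it in that function, and nothing in the table records this. A comment on the entry, such as `/* ipip_output() is called directly from ipsp_process_packet() */`, would document the dependency. A `KASSERT(tdb->tdb_xform->xf_output != NULL);` before the indirect call would turn a future NULL function-pointer call into a clear assertion failure. Other users of xf_output, if any, are not visible on this page and should be checked for the same assumption.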
-/* $OpenBSD: ip_ipsp.h,v 1.209 2021/10/05 11:45:26 bluhm Exp $ */
+/* $OpenBSD: ip_ipsp.h,v 1.210 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr),
int (*xf_init)(struct tdb *, const struct xformsw *,
struct ipsecinit *);
int (*xf_zeroize)(struct tdb *); /* termination */
- int (*xf_input)(struct mbuf *, struct tdb *, int, int); /* input */
- int (*xf_output)(struct mbuf *, struct tdb *, struct mbuf **,
- int, int); /* output */
+ int (*xf_input)(struct mbuf *, struct tdb *, int, int);
+ int (*xf_output)(struct mbuf *, struct tdb *, int, int);
};
extern int ipsec_in_use;
int ah_zeroize(struct tdb *);
int ah_input(struct mbuf *, struct tdb *, int, int);
int ah_input_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int);
-int ah_output(struct mbuf *, struct tdb *, struct mbuf **, int, int);
+int ah_output(struct mbuf *, struct tdb *, int, int);
int ah_output_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int,
int);
int ah_sysctl(int *, u_int, void *, size_t *, void *, size_t);
int esp_zeroize(struct tdb *);
int esp_input(struct mbuf *, struct tdb *, int, int);
int esp_input_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int);
-int esp_output(struct mbuf *, struct tdb *, struct mbuf **, int, int);
+int esp_output(struct mbuf *, struct tdb *, int, int);
int esp_output_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int,
int);
int esp_sysctl(int *, u_int, void *, size_t *, void *, size_t);
int ipcomp_zeroize(struct tdb *);
int ipcomp_input(struct mbuf *, struct tdb *, int, int);
int ipcomp_input_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int);
-int ipcomp_output(struct mbuf *, struct tdb *, struct mbuf **, int, int);
+int ipcomp_output(struct mbuf *, struct tdb *, int, int);
int ipcomp_output_cb(struct tdb *, struct tdb_crypto *, struct mbuf *, int,
int);
int ipcomp_sysctl(int *, u_int, void *, size_t *, void *, size_t);
struct ipsecinit *);
int tcp_signature_tdb_zeroize(struct tdb *);
int tcp_signature_tdb_input(struct mbuf *, struct tdb *, int, int);
-int tcp_signature_tdb_output(struct mbuf *, struct tdb *, struct mbuf **,
- int, int);
+int tcp_signature_tdb_output(struct mbuf *, struct tdb *, int, int);
/* Replay window */
int checkreplaywindow(struct tdb *, u_int64_t, u_int32_t, u_int32_t *, int);
-/* $OpenBSD: ipsec_output.c,v 1.87 2021/10/05 11:45:26 bluhm Exp $ */
+/* $OpenBSD: ipsec_output.c,v 1.88 2021/10/13 14:36:31 bluhm Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
*
ipsp_process_packet(struct mbuf *m, struct tdb *tdb, int af, int tunalready)
{
int hlen, off, error;
- struct mbuf *mp;
#ifdef INET6
struct ip6_ext ip6e;
int nxt;
}
#endif /* INET6 */
- /* Encapsulate -- the last two arguments are unused. */
- error = ipip_output(m, tdb, &mp, 0, 0);
- if ((mp == NULL) && (!error))
+ /* Encapsulate -- m may be changed or set to NULL. */
+ error = ipip_output(&m, tdb);
+ if ((m == NULL) && (!error))
error = EFAULT;
- m = mp;
- mp = NULL;
if (error)
goto drop;
/* Remember that we appended a tunnel header. */
tdb->tdb_flags |= TDBF_USEDTUNNEL;
}
-
- /* We may be done with this TDB */
- if (tdb->tdb_xform->xf_type == XF_IP4)
- return ipsp_process_done(m, tdb);
- } else {
- /*
- * If this is just an IP-IP TDB and we're told there's
- * already an encapsulation header, move on.
- */
- if (tdb->tdb_xform->xf_type == XF_IP4)
- return ipsp_process_done(m, tdb);
}
+ /*
+ * If this is just an IP-IP TDB and we're told there's already an
+ * encapsulation header or ipip_output() has encapsulted it, move on.
+ */
+ if (tdb->tdb_xform->xf_type == XF_IP4)
+ return ipsp_process_done(m, tdb);
+
/* Extract some information off the headers. */
switch (tdb->tdb_dst.sa.sa_family) {
case AF_INET:
}
/* Invoke the IPsec transform. */
- return (*(tdb->tdb_xform->xf_output))(m, tdb, NULL, hlen, off);
+ return (*(tdb->tdb_xform->xf_output))(m, tdb, hlen, off);
drop:
m_freem(m);
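Review bot: The new comment above the `xf_type == XF_IP4` check misspells "encapsulated" as `encapsulted`. In the same function the `drop:` label still calls `m_freem(m)` after a failed `ipip_output(&m, tdb)`; this avoids a double free only because ipip_output()'s own drop path goes through `m_freemp(mp)`, which appears to clear the caller's pointer. The comment at the call site should say so, e.g. `/* Encapsulate -- on error the chain is already freed and m is NULL. */`. ipsp_process_packet() continues outside the visible hunks.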
-/* $OpenBSD: tcp_subr.c,v 1.179 2021/07/14 21:07:36 bluhm Exp $ */
+/* $OpenBSD: tcp_subr.c,v 1.180 2021/10/13 14:36:31 bluhm Exp $ */
/* $NetBSD: tcp_subr.c,v 1.22 1996/02/13 23:44:00 christos Exp $ */
/*
}
int
-tcp_signature_tdb_output(struct mbuf *m, struct tdb *tdbp, struct mbuf **mp,
- int skip, int protoff)
+tcp_signature_tdb_output(struct mbuf *m, struct tdb *tdbp, int skip,
+ int protoff)
{
return (EINVAL);
}