From 51d2b5388cc4454e954ac6bf26c358ddc84105a1 Mon Sep 17 00:00:00 2001 From: sashan Date: Mon, 5 Jun 2023 08:45:20 +0000 Subject: [PATCH] pfsync_update_state() is too paranoid about pf_state::pfsync_state. For example it should not be surprised if caller asks to remove state from pfsync queue which has been removed already. That kind of race is sorted out later when pfsync_update_state() calls to pfsync_q_ins()/pfsync_q_del(). Change relaxes pfsync_update_state() to panic on sync_state value which is unknown. OK dlg@ --- sys/net/if_pfsync.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 2bf93306da2..2457796b600 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.316 2023/05/26 12:13:26 kn Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.317 2023/06/05 08:45:20 sashan Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -1991,6 +1991,11 @@ pfsync_update_state(struct pf_state *st) st->sync_updates = 0; break; + case PFSYNC_S_DEL: + case PFSYNC_S_COUNT: + case PFSYNC_S_DEFER: + break; + default: panic("pfsync_update_state: unexpected sync state %d", st->sync_state); -- 2.20.1