CVS commit: src/sys/netipsec

Fri, 18 Feb 2011 11:06:52 -0800 

Module Name:    src
Committed By:   drochner
Date:           Fri Feb 18 19:06:45 UTC 2011

Modified Files:
        src/sys/netipsec: ipsec.c ipsec.h xform.h xform_ah.c xform_esp.c
            xform_ipcomp.c xform_ipip.c xform_tcp.c

Log Message:
sprinkle some "const", documenting that the SA is not supposed to
change during an xform operation


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 src/sys/netipsec/ipsec.c
cvs rdiff -u -r1.24 -r1.25 src/sys/netipsec/ipsec.h \
    src/sys/netipsec/xform_ipip.c
cvs rdiff -u -r1.4 -r1.5 src/sys/netipsec/xform.h
cvs rdiff -u -r1.29 -r1.30 src/sys/netipsec/xform_ah.c
cvs rdiff -u -r1.26 -r1.27 src/sys/netipsec/xform_esp.c
cvs rdiff -u -r1.22 -r1.23 src/sys/netipsec/xform_ipcomp.c
cvs rdiff -u -r1.5 -r1.6 src/sys/netipsec/xform_tcp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/netipsec/ipsec.c
diff -u src/sys/netipsec/ipsec.c:1.49 src/sys/netipsec/ipsec.c:1.50
--- src/sys/netipsec/ipsec.c:1.49	Fri Feb 11 17:53:35 2011
+++ src/sys/netipsec/ipsec.c	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.c,v 1.49 2011/02/11 17:53:35 drochner Exp $	*/
+/*	$NetBSD: ipsec.c,v 1.50 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $	*/
 /*	$KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.49 2011/02/11 17:53:35 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.50 2011/02/18 19:06:45 drochner Exp $");
 
 /*
  * IPsec controller part.
@@ -1937,7 +1937,7 @@
  * based on RFC 2401.
  */
 int
-ipsec_chkreplay(u_int32_t seq, struct secasvar *sav)
+ipsec_chkreplay(u_int32_t seq, const struct secasvar *sav)
 {
 	const struct secreplay *replay;
 	u_int32_t diff;
@@ -1995,7 +1995,7 @@
  *	1:	NG
  */
 int
-ipsec_updatereplay(u_int32_t seq, struct secasvar *sav)
+ipsec_updatereplay(u_int32_t seq, const struct secasvar *sav)
 {
 	struct secreplay *replay;
 	u_int32_t diff;
@@ -2127,7 +2127,7 @@
 
 /* Return a printable string for the address. */
 const char *
-ipsec_address(union sockaddr_union* sa)
+ipsec_address(const union sockaddr_union* sa)
 {
 	switch (sa->sa.sa_family) {
 #if INET
@@ -2146,11 +2146,11 @@
 }
 
 const char *
-ipsec_logsastr(struct secasvar *sav)
+ipsec_logsastr(const struct secasvar *sav)
 {
 	static char buf[256];
 	char *p;
-	struct secasindex *saidx = &sav->sah->saidx;
+	const struct secasindex *saidx = &sav->sah->saidx;
 
 	IPSEC_ASSERT(saidx->src.sa.sa_family == saidx->dst.sa.sa_family,
 		("ipsec_logsastr: address family mismatch"));

Index: src/sys/netipsec/ipsec.h
diff -u src/sys/netipsec/ipsec.h:1.24 src/sys/netipsec/ipsec.h:1.25
--- src/sys/netipsec/ipsec.h:1.24	Sun May 10 02:13:07 2009
+++ src/sys/netipsec/ipsec.h	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsec.h,v 1.24 2009/05/10 02:13:07 elad Exp $	*/
+/*	$NetBSD: ipsec.h,v 1.25 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.h,v 1.2.4.2 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: ipsec.h,v 1.53 2001/11/20 08:32:38 itojun Exp $	*/
 
@@ -299,8 +299,8 @@
 
 struct secas;
 struct tcpcb;
-int ipsec_chkreplay (u_int32_t, struct secasvar *);
-int ipsec_updatereplay (u_int32_t, struct secasvar *);
+int ipsec_chkreplay (u_int32_t, const struct secasvar *);
+int ipsec_updatereplay (u_int32_t, const struct secasvar *);
 
 size_t ipsec4_hdrsiz (struct mbuf *, u_int, struct inpcb *);
 #ifdef __FreeBSD__
@@ -311,8 +311,8 @@
 #endif
 
 union sockaddr_union;
-const char *ipsec_address(union sockaddr_union* sa);
-const char *ipsec_logsastr (struct secasvar *);
+const char *ipsec_address(const union sockaddr_union* sa);
+const char *ipsec_logsastr (const struct secasvar *);
 
 void ipsec_dumpmbuf (struct mbuf *);
 
Index: src/sys/netipsec/xform_ipip.c
diff -u src/sys/netipsec/xform_ipip.c:1.24 src/sys/netipsec/xform_ipip.c:1.25
--- src/sys/netipsec/xform_ipip.c:1.24	Sun Apr 27 12:58:48 2008
+++ src/sys/netipsec/xform_ipip.c	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ipip.c,v 1.24 2008/04/27 12:58:48 degroote Exp $	*/
+/*	$NetBSD: xform_ipip.c,v 1.25 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.24 2008/04/27 12:58:48 degroote Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.25 2011/02/18 19:06:45 drochner Exp $");
 
 /*
  * IP-inside-IP processing
@@ -429,7 +429,7 @@
     int protoff
 )
 {
-	struct secasvar *sav;
+	const struct secasvar *sav;
 	u_int8_t tp, otos;
 	struct secasindex *saidx;
 	int error;
@@ -667,7 +667,7 @@
 static int
 ipe4_input(
     struct mbuf *m,
-    struct secasvar *sav,
+    const struct secasvar *sav,
     int skip,
     int protoff
 )

Index: src/sys/netipsec/xform.h
diff -u src/sys/netipsec/xform.h:1.4 src/sys/netipsec/xform.h:1.5
--- src/sys/netipsec/xform.h:1.4	Sun Mar  4 06:03:30 2007
+++ src/sys/netipsec/xform.h	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform.h,v 1.4 2007/03/04 06:03:30 christos Exp $	*/
+/*	$NetBSD: xform.h,v 1.5 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ipsp.h,v 1.119 2002/03/14 01:27:11 millert Exp $	*/
 /*
@@ -91,7 +91,7 @@
 	const char	*xf_name;		/* human-readable name */
 	int	(*xf_init)(struct secasvar*, struct xformsw*);	/* setup */
 	int	(*xf_zeroize)(struct secasvar*);		/* cleanup */
-	int	(*xf_input)(struct mbuf*, struct secasvar*,	/* input */
+	int	(*xf_input)(struct mbuf*, const struct secasvar*, /* input */
 			int, int);
 	int	(*xf_output)(struct mbuf*,	       		/* output */
 			struct ipsecrequest *, struct mbuf **, int, int);

Index: src/sys/netipsec/xform_ah.c
diff -u src/sys/netipsec/xform_ah.c:1.29 src/sys/netipsec/xform_ah.c:1.30
--- src/sys/netipsec/xform_ah.c:1.29	Wed Feb 16 18:39:33 2011
+++ src/sys/netipsec/xform_ah.c	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ah.c,v 1.29 2011/02/16 18:39:33 drochner Exp $	*/
+/*	$NetBSD: xform_ah.c,v 1.30 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
 /*
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.29 2011/02/16 18:39:33 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.30 2011/02/18 19:06:45 drochner Exp $");
 
 #include "opt_inet.h"
 #ifdef __FreeBSD__
@@ -598,7 +598,7 @@
  * passes authentication.
  */
 static int
-ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
+ah_input(struct mbuf *m, const struct secasvar *sav, int skip, int protoff)
 {
 	struct auth_hash *ahx;
 	struct tdb_ident *tdbi;
@@ -993,7 +993,7 @@
     int protoff
 )
 {
-	struct secasvar *sav;
+	const struct secasvar *sav;
 	struct auth_hash *ahx;
 	struct cryptodesc *crda;
 	struct tdb_crypto *tc;

Index: src/sys/netipsec/xform_esp.c
diff -u src/sys/netipsec/xform_esp.c:1.26 src/sys/netipsec/xform_esp.c:1.27
--- src/sys/netipsec/xform_esp.c:1.26	Mon Feb 14 18:49:31 2011
+++ src/sys/netipsec/xform_esp.c	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_esp.c,v 1.26 2011/02/14 18:49:31 drochner Exp $	*/
+/*	$NetBSD: xform_esp.c,v 1.27 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.26 2011/02/14 18:49:31 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.27 2011/02/18 19:06:45 drochner Exp $");
 
 #include "opt_inet.h"
 #ifdef __FreeBSD__
@@ -276,7 +276,7 @@
  * ESP input processing, called (eventually) through the protocol switch.
  */
 static int
-esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
+esp_input(struct mbuf *m, const struct secasvar *sav, int skip, int protoff)
 {
 	struct auth_hash *esph;
 	struct enc_xform *espx;
@@ -701,7 +701,7 @@
 	int hlen, rlen, plen, padding, blks, alen, i, roff;
 	struct mbuf *mo = (struct mbuf *) NULL;
 	struct tdb_crypto *tc;
-	struct secasvar *sav;
+	const struct secasvar *sav;
 	struct secasindex *saidx;
 	unsigned char *pad;
 	u_int8_t prot;

Index: src/sys/netipsec/xform_ipcomp.c
diff -u src/sys/netipsec/xform_ipcomp.c:1.22 src/sys/netipsec/xform_ipcomp.c:1.23
--- src/sys/netipsec/xform_ipcomp.c:1.22	Mon Feb 14 13:43:45 2011
+++ src/sys/netipsec/xform_ipcomp.c	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ipcomp.c,v 1.22 2011/02/14 13:43:45 drochner Exp $	*/
+/*	$NetBSD: xform_ipcomp.c,v 1.23 2011/02/18 19:06:45 drochner Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ipcomp.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /* $OpenBSD: ip_ipcomp.c,v 1.1 2001/07/05 12:08:52 jjbg Exp $ */
 
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.22 2011/02/14 13:43:45 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipcomp.c,v 1.23 2011/02/18 19:06:45 drochner Exp $");
 
 /* IP payload compression protocol (IPComp), see RFC 2393 */
 #include "opt_inet.h"
@@ -151,7 +151,7 @@
  * ipcomp_input() gets called to uncompress an input packet
  */
 static int
-ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
+ipcomp_input(struct mbuf *m, const struct secasvar *sav, int skip, int protoff)
 {
 	struct tdb_crypto *tc;
 	struct cryptodesc *crdc;
@@ -371,7 +371,7 @@
     int protoff
 )
 {
-	struct secasvar *sav;
+	const struct secasvar *sav;
 	struct comp_algo *ipcompx;
 	int error, ralen, hlen, maxpacketsize;
 	struct cryptodesc *crdc;

Index: src/sys/netipsec/xform_tcp.c
diff -u src/sys/netipsec/xform_tcp.c:1.5 src/sys/netipsec/xform_tcp.c:1.6
--- src/sys/netipsec/xform_tcp.c:1.5	Wed Mar 18 16:00:23 2009
+++ src/sys/netipsec/xform_tcp.c	Fri Feb 18 19:06:45 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_tcp.c,v 1.5 2009/03/18 16:00:23 cegger Exp $ */
+/*	$NetBSD: xform_tcp.c,v 1.6 2011/02/18 19:06:45 drochner Exp $ */
 /*	$FreeBSD: sys/netipsec/xform_tcp.c,v 1.1.2.1 2004/02/14 22:24:09 bms Exp $ */
 
 /*
@@ -31,7 +31,7 @@
 /* TCP MD5 Signature Option (RFC2385) */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_tcp.c,v 1.5 2009/03/18 16:00:23 cegger Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_tcp.c,v 1.6 2011/02/18 19:06:45 drochner Exp $");
 
 #include "opt_inet.h"
 
@@ -137,7 +137,7 @@
  * We do this from within tcp itself, so this routine is just a stub.
  */
 static int
-tcpsignature_input(struct mbuf *m, struct secasvar *sav, int skip,
+tcpsignature_input(struct mbuf *m, const struct secasvar *sav, int skip,
     int protoff)
 {

Reply via email to