Module Name: src Committed By: christos Date: Mon Jun 16 03:34:45 UTC 2014
Modified Files: src/sys/netipsec: key.c Log Message: cleanup debugging printfs and fix port endianness printing issue. To generate a diff of this commit: cvs rdiff -u -r1.90 -r1.91 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/netipsec/key.c diff -u src/sys/netipsec/key.c:1.90 src/sys/netipsec/key.c:1.91 --- src/sys/netipsec/key.c:1.90 Thu Jun 5 13:18:19 2014 +++ src/sys/netipsec/key.c Sun Jun 15 23:34:45 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: key.c,v 1.90 2014/06/05 17:18:19 christos Exp $ */ +/* $NetBSD: key.c,v 1.91 2014/06/16 03:34:45 christos Exp $ */ /* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */ /* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.90 2014/06/05 17:18:19 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.91 2014/06/16 03:34:45 christos Exp $"); /* * This code is referd to RFC 2367 
@@ -5082,81 +5082,82 @@ static int key_handle_natt_info(struct secasvar *sav, const struct sadb_msghdr *mhp) { + const char *msg = "?" ; + struct sadb_x_nat_t_type *type; + struct sadb_x_nat_t_port *sport, *dport; + struct sadb_address *iaddr, *raddr; + struct sadb_x_nat_t_frag *frag; - if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL) - ipseclog((LOG_DEBUG,"update: NAT-T OAi present\n")); - if (mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL) - ipseclog((LOG_DEBUG,"update: NAT-T OAr present\n")); + if (mhp->ext[SADB_X_EXT_NAT_T_TYPE] == NULL || + mhp->ext[SADB_X_EXT_NAT_T_SPORT] == NULL || + mhp->ext[SADB_X_EXT_NAT_T_DPORT] == NULL) + return 0; - if ((mhp->ext[SADB_X_EXT_NAT_T_TYPE] != NULL) && - (mhp->ext[SADB_X_EXT_NAT_T_SPORT] != NULL) && - (mhp->ext[SADB_X_EXT_NAT_T_DPORT] != NULL)) { - struct sadb_x_nat_t_type *type; - struct sadb_x_nat_t_port *sport; - struct sadb_x_nat_t_port *dport; - struct sadb_address *iaddr, *raddr; - struct sadb_x_nat_t_frag *frag; + if (mhp->extlen[SADB_X_EXT_NAT_T_TYPE] < sizeof(*type)) { + msg = "TYPE"; + goto bad; + } - if ((mhp->extlen[SADB_X_EXT_NAT_T_TYPE] < sizeof(*type)) || - (mhp->extlen[SADB_X_EXT_NAT_T_SPORT] < sizeof(*sport)) || - (mhp->extlen[SADB_X_EXT_NAT_T_DPORT] < sizeof(*dport))) { - ipseclog((LOG_DEBUG, "key_update: " - "invalid message.\n")); - return -1; - } + if (mhp->extlen[SADB_X_EXT_NAT_T_SPORT] < sizeof(*sport)) { + msg = "SPORT"; + goto bad; + } - if ((mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL) && - (mhp->extlen[SADB_X_EXT_NAT_T_OAI] < sizeof(*iaddr))) { - ipseclog((LOG_DEBUG, "key_update: invalid message\n")); - return -1; - } + if (mhp->extlen[SADB_X_EXT_NAT_T_DPORT] < sizeof(*dport)) { + msg = "DPORT"; + goto bad; + } - if ((mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL) && - (mhp->extlen[SADB_X_EXT_NAT_T_OAR] < sizeof(*raddr))) { - ipseclog((LOG_DEBUG, "key_update: invalid message\n")); - return -1; + if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL) { + ipseclog((LOG_DEBUG,"%s: NAT-T OAi present\n", __func__)); + if 
(mhp->extlen[SADB_X_EXT_NAT_T_OAI] < sizeof(*iaddr)) { + msg = "OAI"; + goto bad; } + } - if ((mhp->ext[SADB_X_EXT_NAT_T_FRAG] != NULL) && - (mhp->extlen[SADB_X_EXT_NAT_T_FRAG] < sizeof(*frag))) { - ipseclog((LOG_DEBUG, "key_update: invalid message\n")); - return -1; + if (mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL) { + ipseclog((LOG_DEBUG,"%s: NAT-T OAr present\n", __func__)); + if (mhp->extlen[SADB_X_EXT_NAT_T_OAR] < sizeof(*raddr)) { + msg = "OAR"; + goto bad; } + } - type = (struct sadb_x_nat_t_type *) - mhp->ext[SADB_X_EXT_NAT_T_TYPE]; - sport = (struct sadb_x_nat_t_port *) - mhp->ext[SADB_X_EXT_NAT_T_SPORT]; - dport = (struct sadb_x_nat_t_port *) - mhp->ext[SADB_X_EXT_NAT_T_DPORT]; - iaddr = (struct sadb_address *) - mhp->ext[SADB_X_EXT_NAT_T_OAI]; - raddr = (struct sadb_address *) - mhp->ext[SADB_X_EXT_NAT_T_OAR]; - frag = (struct sadb_x_nat_t_frag *) - mhp->ext[SADB_X_EXT_NAT_T_FRAG]; - - ipseclog((LOG_DEBUG, - "key_update: type %d, sport = %d, dport = %d\n", - type->sadb_x_nat_t_type_type, - sport->sadb_x_nat_t_port_port, - dport->sadb_x_nat_t_port_port)); - - if (type) - sav->natt_type = type->sadb_x_nat_t_type_type; - if (sport) - key_porttosaddr(&sav->sah->saidx.src, - sport->sadb_x_nat_t_port_port); - if (dport) - key_porttosaddr(&sav->sah->saidx.dst, - dport->sadb_x_nat_t_port_port); - if (frag) - sav->esp_frag = frag->sadb_x_nat_t_frag_fraglen; - else - sav->esp_frag = IP_MAXPACKET; + if (mhp->ext[SADB_X_EXT_NAT_T_FRAG] != NULL) { + if (mhp->extlen[SADB_X_EXT_NAT_T_FRAG] < sizeof(*frag)) { + msg = "FRAG"; + goto bad; + } } + type = (struct sadb_x_nat_t_type *)mhp->ext[SADB_X_EXT_NAT_T_TYPE]; + sport = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_SPORT]; + dport = (struct sadb_x_nat_t_port *)mhp->ext[SADB_X_EXT_NAT_T_DPORT]; + iaddr = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAI]; + raddr = (struct sadb_address *)mhp->ext[SADB_X_EXT_NAT_T_OAR]; + frag = (struct sadb_x_nat_t_frag *)mhp->ext[SADB_X_EXT_NAT_T_FRAG]; + + ipseclog((LOG_DEBUG, 
"%s: type %d, sport = %d, dport = %d\n", + __func__, type->sadb_x_nat_t_type_type, + ntohs(sport->sadb_x_nat_t_port_port), + ntohs(dport->sadb_x_nat_t_port_port))); + + sav->natt_type = type->sadb_x_nat_t_type_type; + key_porttosaddr(&sav->sah->saidx.src, + sport->sadb_x_nat_t_port_port); + key_porttosaddr(&sav->sah->saidx.dst, + dport->sadb_x_nat_t_port_port); + if (frag) + sav->esp_frag = frag->sadb_x_nat_t_frag_fraglen; + else + sav->esp_frag = IP_MAXPACKET; + return 0; +bad: + ipseclog((LOG_DEBUG, "%s: invalid message %s\n", __func__, msg)); + __USE(msg); + return -1; } /* Just update the IPSEC_NAT_T ports if present */ @@ -5164,11 +5165,10 @@ static int key_set_natt_ports(union sockaddr_union *src, union sockaddr_union *dst, const struct sadb_msghdr *mhp) { - if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL) - ipseclog((LOG_DEBUG,"update: NAT-T OAi present\n")); + ipseclog((LOG_DEBUG,"%s: NAT-T OAi present\n", __func__)); if (mhp->ext[SADB_X_EXT_NAT_T_OAR] != NULL) - ipseclog((LOG_DEBUG,"update: NAT-T OAr present\n")); + ipseclog((LOG_DEBUG,"%s: NAT-T OAr present\n", __func__)); if ((mhp->ext[SADB_X_EXT_NAT_T_TYPE] != NULL) && (mhp->ext[SADB_X_EXT_NAT_T_SPORT] != NULL) && 
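Review bot: The early `return 0` at the top of key_handle_natt_info fires when any one of NAT_T_TYPE, NAT_T_SPORT or NAT_T_DPORT is missing, so a message carrying only part of the set is reported as success, with no log line and without the OAI/OAR/FRAG length checks. The old nested form behaved the same way, but the flattened guard now reads as "no NAT-T requested" and hides the malformed case. If tolerating a partial set is intended, document it above the guard, e.g. `/* NAT-T is optional: ignore unless type, sport and dport are all present */`; if not, a partial set should take the `bad:` path with its own `msg`. Separately, `type->sadb_x_nat_t_type_type` and `frag->sadb_x_nat_t_frag_fraglen` are copied into the SA as received, and whether they are range-checked elsewhere is not visible in this hunk.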
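Review bot: The `if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL)` guard at the top of key_set_natt_ports is removed but not re-added, so the new `ipseclog((LOG_DEBUG,"%s: NAT-T OAi present\n", __func__));` runs on every call, whether or not the extension is in the message. The hunk header agrees (11 old lines, 10 new), and the OAr line just below keeps its guard, so this looks accidental. Restore the condition in front of the OAi log: `if (mhp->ext[SADB_X_EXT_NAT_T_OAI] != NULL)`. As it stands, the debug log claims an OAi payload for every SA, which misleads anyone using it to diagnose NAT-T negotiation. The function body continues outside the hunk.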
@@ -5180,22 +5180,25 @@ key_set_natt_ports(union sockaddr_union if ((mhp->extlen[SADB_X_EXT_NAT_T_TYPE] < sizeof(*type)) || (mhp->extlen[SADB_X_EXT_NAT_T_SPORT] < sizeof(*sport)) || (mhp->extlen[SADB_X_EXT_NAT_T_DPORT] < sizeof(*dport))) { - ipseclog((LOG_DEBUG, "key_update: " - "invalid message.\n")); + ipseclog((LOG_DEBUG, "%s: invalid message\n", + __func__)); return -1; } + type = (struct sadb_x_nat_t_type *) + mhp->ext[SADB_X_EXT_NAT_T_TYPE]; sport = (struct sadb_x_nat_t_port *) mhp->ext[SADB_X_EXT_NAT_T_SPORT]; dport = (struct sadb_x_nat_t_port *) mhp->ext[SADB_X_EXT_NAT_T_DPORT]; - if (sport) - key_porttosaddr(src, - sport->sadb_x_nat_t_port_port); - if (dport) - key_porttosaddr(dst, - dport->sadb_x_nat_t_port_port); + key_porttosaddr(src, sport->sadb_x_nat_t_port_port); + key_porttosaddr(dst, dport->sadb_x_nat_t_port_port); + + ipseclog((LOG_DEBUG, "%s: type %d, sport = %d, dport = %d\n", + __func__, type->sadb_x_nat_t_type_type, + ntohs(sport->sadb_x_nat_t_port_port), + ntohs(dport->sadb_x_nat_t_port_port))); } return 0;
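Review bot: The length-check failure in key_set_natt_ports still logs a bare `invalid message`, while key_handle_natt_info in this same commit now names the extension that failed (`msg = "TYPE"` and so on, then `goto bad`). Both functions validate the same three extensions, so the same per-extension reporting here would make a rejected PF_KEY message equally easy to diagnose from either path. It is also worth a short comment where the `if (sport)`/`if (dport)` tests were dropped, e.g. `/* non-NULL: checked by the enclosing ext[] test */`, since the safety of the unconditional dereferences depends on it. That enclosing condition starts outside this hunk, so its DPORT test is presumed rather than visible here.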