Module Name: src
Committed By: ozaki-r
Date: Tue Jul 4 08:11:32 UTC 2017
Modified Files:
src/sys/net: pfkeyv2.h
src/sys/netipsec: ipsec_netbsd.c key.c
Log Message:
Introduce and use SADB_SASTATE_USABLE_P
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 src/sys/net/pfkeyv2.h
cvs rdiff -u -r1.41 -r1.42 src/sys/netipsec/ipsec_netbsd.c
cvs rdiff -u -r1.164 -r1.165 src/sys/netipsec/key.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/pfkeyv2.h
diff -u src/sys/net/pfkeyv2.h:1.31 src/sys/net/pfkeyv2.h:1.32
--- src/sys/net/pfkeyv2.h:1.31 Thu Apr 13 16:38:31 2017
+++ src/sys/net/pfkeyv2.h Tue Jul 4 08:11:32 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: pfkeyv2.h,v 1.31 2017/04/13 16:38:31 christos Exp $ */
+/* $NetBSD: pfkeyv2.h,v 1.32 2017/07/04 08:11:32 ozaki-r Exp $ */
/* $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $ */
/*
@@ -339,6 +339,9 @@ struct sadb_x_nat_t_frag {
#define SADB_SASTATE_DEAD 3
#define SADB_SASTATE_MAX 3
+#define SADB_SASTATE_USABLE_P(sav) \
+ ((sav)->state == SADB_SASTATE_MATURE || (sav)->state == SADB_SASTATE_DYING)
+
#define SADB_SAFLAGS_PFS 1
/*
Index: src/sys/netipsec/ipsec_netbsd.c
diff -u src/sys/netipsec/ipsec_netbsd.c:1.41 src/sys/netipsec/ipsec_netbsd.c:1.42
--- src/sys/netipsec/ipsec_netbsd.c:1.41 Tue Jul 4 08:09:19 2017
+++ src/sys/netipsec/ipsec_netbsd.c Tue Jul 4 08:11:32 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec_netbsd.c,v 1.41 2017/07/04 08:09:19 ozaki-r Exp $ */
+/* $NetBSD: ipsec_netbsd.c,v 1.42 2017/07/04 08:11:32 ozaki-r Exp $ */
/* $KAME: esp_input.c,v 1.60 2001/09/04 08:43:19 itojun Exp $ */
/* $KAME: ah_input.c,v 1.64 2001/09/04 08:43:19 itojun Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.41 2017/07/04 08:09:19 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.42 2017/07/04 08:11:32 ozaki-r Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -111,9 +111,7 @@ ah4_ctlinput(int cmd, const struct socka
IPPROTO_AH, ah->ah_spi, 0, 0);
if (sav) {
- if (sav->state == SADB_SASTATE_MATURE ||
- sav->state == SADB_SASTATE_DYING) {
-
+ if (SADB_SASTATE_USABLE_P(sav)) {
/*
* Now that we've validated that we are actually
* communicating with the host indicated in the
@@ -159,9 +157,7 @@ esp4_ctlinput(int cmd, const struct sock
IPPROTO_ESP, esp->esp_spi, 0, 0);
if (sav) {
- if (sav->state == SADB_SASTATE_MATURE ||
- sav->state == SADB_SASTATE_DYING) {
-
+ if (SADB_SASTATE_USABLE_P(sav)) {
/*
* Now that we've validated that we are actually
* communicating with the host indicated in the
@@ -242,8 +238,7 @@ ah6_ctlinput(int cmd, const struct socka
IPPROTO_AH, ahp->ah_spi, 0, 0);
if (sav) {
- if (sav->state == SADB_SASTATE_MATURE ||
- sav->state == SADB_SASTATE_DYING)
+ if (SADB_SASTATE_USABLE_P(sav))
valid++;
KEY_FREESAV(&sav);
}
@@ -348,8 +343,7 @@ esp6_ctlinput(int cmd, const struct sock
IPPROTO_ESP, espp->esp_spi, 0, 0);
if (sav) {
- if (sav->state == SADB_SASTATE_MATURE ||
- sav->state == SADB_SASTATE_DYING)
+ if (SADB_SASTATE_USABLE_P(sav))
valid++;
KEY_FREESAV(&sav);
}
Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.164 src/sys/netipsec/key.c:1.165
--- src/sys/netipsec/key.c:1.164 Sat Jun 10 14:21:01 2017
+++ src/sys/netipsec/key.c Tue Jul 4 08:11:32 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.164 2017/06/10 14:21:01 ozaki-r Exp $ */
+/* $NetBSD: key.c,v 1.165 2017/07/04 08:11:32 ozaki-r Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.164 2017/06/10 14:21:01 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.165 2017/07/04 08:11:32 ozaki-r Exp $");
/*
* This code is referd to RFC 2367
@@ -1191,8 +1191,7 @@ key_allocsa(
/* sanity check */
KEY_CHKSASTATE(sav->state, state);
/* do not return entries w/ unusable state */
- if (sav->state != SADB_SASTATE_MATURE &&
- sav->state != SADB_SASTATE_DYING) {
+ if (!SADB_SASTATE_USABLE_P(sav)) {
KEYDEBUG_PRINTF(KEYDEBUG_MATCH,
"bad state %d\n", sav->state);
continue;
