Module Name: src Committed By: ozaki-r Date: Tue Jul 4 08:11:32 UTC 2017
Modified Files: src/sys/net: pfkeyv2.h src/sys/netipsec: ipsec_netbsd.c key.c Log Message: Introduce and use SADB_SASTATE_USABLE_P To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 src/sys/net/pfkeyv2.h cvs rdiff -u -r1.41 -r1.42 src/sys/netipsec/ipsec_netbsd.c cvs rdiff -u -r1.164 -r1.165 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/net/pfkeyv2.h diff -u src/sys/net/pfkeyv2.h:1.31 src/sys/net/pfkeyv2.h:1.32 --- src/sys/net/pfkeyv2.h:1.31 Thu Apr 13 16:38:31 2017 +++ src/sys/net/pfkeyv2.h Tue Jul 4 08:11:32 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: pfkeyv2.h,v 1.31 2017/04/13 16:38:31 christos Exp $ */ +/* $NetBSD: pfkeyv2.h,v 1.32 2017/07/04 08:11:32 ozaki-r Exp $ */ /* $KAME: pfkeyv2.h,v 1.36 2003/07/25 09:33:37 itojun Exp $ */ /* @@ -339,6 +339,9 @@ struct sadb_x_nat_t_frag { #define SADB_SASTATE_DEAD 3 #define SADB_SASTATE_MAX 3 +#define SADB_SASTATE_USABLE_P(sav) \ + ((sav)->state == SADB_SASTATE_MATURE || (sav)->state == SADB_SASTATE_DYING) + #define SADB_SAFLAGS_PFS 1 /* Index: src/sys/netipsec/ipsec_netbsd.c diff -u src/sys/netipsec/ipsec_netbsd.c:1.41 src/sys/netipsec/ipsec_netbsd.c:1.42 --- src/sys/netipsec/ipsec_netbsd.c:1.41 Tue Jul 4 08:09:19 2017 +++ src/sys/netipsec/ipsec_netbsd.c Tue Jul 4 08:11:32 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_netbsd.c,v 1.41 2017/07/04 08:09:19 ozaki-r Exp $ */ +/* $NetBSD: ipsec_netbsd.c,v 1.42 2017/07/04 08:11:32 ozaki-r Exp $ */ /* $KAME: esp_input.c,v 1.60 2001/09/04 08:43:19 itojun Exp $ */ /* $KAME: ah_input.c,v 1.64 2001/09/04 08:43:19 itojun Exp $ */ @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.41 2017/07/04 08:09:19 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipsec_netbsd.c,v 1.42 2017/07/04 08:11:32 ozaki-r Exp $"); #if defined(_KERNEL_OPT) #include "opt_inet.h" @@ -111,9 +111,7 @@ ah4_ctlinput(int cmd, const struct socka IPPROTO_AH, ah->ah_spi, 0, 0); if (sav) { - if (sav->state == SADB_SASTATE_MATURE || - sav->state == SADB_SASTATE_DYING) { - + if (SADB_SASTATE_USABLE_P(sav)) { /* * Now that we've validated that we are actually * communicating with the host indicated in the @@ -159,9 +157,7 @@ esp4_ctlinput(int cmd, const struct sock IPPROTO_ESP, esp->esp_spi, 0, 0); if (sav) { - if (sav->state == SADB_SASTATE_MATURE || - sav->state == SADB_SASTATE_DYING) { - + if (SADB_SASTATE_USABLE_P(sav)) { /* * Now that we've validated that we are actually * communicating with the host indicated in the @@ -242,8 +238,7 @@ ah6_ctlinput(int cmd, const struct socka IPPROTO_AH, ahp->ah_spi, 0, 0); if (sav) { - if (sav->state == SADB_SASTATE_MATURE || - sav->state == SADB_SASTATE_DYING) + if (SADB_SASTATE_USABLE_P(sav)) valid++; KEY_FREESAV(&sav); } @@ -348,8 +343,7 @@ esp6_ctlinput(int cmd, const struct sock IPPROTO_ESP, espp->esp_spi, 0, 0); if (sav) { - if (sav->state == SADB_SASTATE_MATURE || - sav->state == SADB_SASTATE_DYING) + if (SADB_SASTATE_USABLE_P(sav)) valid++; KEY_FREESAV(&sav); } Index: src/sys/netipsec/key.c diff -u src/sys/netipsec/key.c:1.164 src/sys/netipsec/key.c:1.165 --- src/sys/netipsec/key.c:1.164 Sat Jun 10 14:21:01 2017 +++ src/sys/netipsec/key.c Tue Jul 4 08:11:32 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: key.c,v 1.164 2017/06/10 14:21:01 ozaki-r Exp $ */ +/* $NetBSD: key.c,v 1.165 2017/07/04 08:11:32 ozaki-r Exp $ */ /* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */ /* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */ @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.164 2017/06/10 14:21:01 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.165 2017/07/04 08:11:32 ozaki-r Exp $"); /* * This code is referd to RFC 2367 @@ -1191,8 +1191,7 @@ key_allocsa( /* sanity check */ KEY_CHKSASTATE(sav->state, state); /* do not return entries w/ unusable state */ - if (sav->state != SADB_SASTATE_MATURE && - sav->state != SADB_SASTATE_DYING) { + if (!SADB_SASTATE_USABLE_P(sav)) { KEYDEBUG_PRINTF(KEYDEBUG_MATCH, "bad state %d\n", sav->state); continue;