Tue Dec 1 01:01:34 2009 UTC ()
Cosmetic: fix indentation, change some spaces to tabs.


(dyoung)
diff -r1.28 -r1.29 src/sys/netipsec/ipsec_output.c
cvs diff -r1.28 -r1.29 src/sys/netipsec/ipsec_output.c (expand / switch to unified diff)

--- src/sys/netipsec/ipsec_output.c 2008/04/28 17:40:11 1.28
+++ src/sys/netipsec/ipsec_output.c 2009/12/01 01:01:34 1.29
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: ipsec_output.c,v 1.28 2008/04/28 17:40:11 degroote Exp $ */ 1/* $NetBSD: ipsec_output.c,v 1.29 2009/12/01 01:01:34 dyoung Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting 4 * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * Redistribution and use in source and binary forms, with or without 7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions 8 * modification, are permitted provided that the following conditions
9 * are met: 9 * are met:
10 * 1. Redistributions of source code must retain the above copyright 10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer. 11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution. 14 * documentation and/or other materials provided with the distribution.
@@ -19,27 +19,27 @@ @@ -19,27 +19,27 @@
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE. 26 * SUCH DAMAGE.
27 * 27 *
28 * $FreeBSD: /repoman/r/ncvs/src/sys/netipsec/ipsec_output.c,v 1.3.2.2 2003/03/28 20:32:53 sam Exp $ 28 * $FreeBSD: /repoman/r/ncvs/src/sys/netipsec/ipsec_output.c,v 1.3.2.2 2003/03/28 20:32:53 sam Exp $
29 */ 29 */
30 30
31#include <sys/cdefs.h> 31#include <sys/cdefs.h>
32__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.28 2008/04/28 17:40:11 degroote Exp $"); 32__KERNEL_RCSID(0, "$NetBSD: ipsec_output.c,v 1.29 2009/12/01 01:01:34 dyoung Exp $");
33 33
34/* 34/*
35 * IPsec output processing. 35 * IPsec output processing.
36 */ 36 */
37#include "opt_inet.h" 37#include "opt_inet.h"
38#ifdef __FreeBSD__ 38#ifdef __FreeBSD__
39#include "opt_inet6.h" 39#include "opt_inet6.h"
40#endif 40#endif
41#include "opt_ipsec.h" 41#include "opt_ipsec.h"
42 42
43#include <sys/param.h> 43#include <sys/param.h>
44#include <sys/systm.h> 44#include <sys/systm.h>
45#include <sys/mbuf.h> 45#include <sys/mbuf.h>
@@ -201,27 +201,27 @@ ipsec_process_done(struct mbuf *m, struc @@ -201,27 +201,27 @@ ipsec_process_done(struct mbuf *m, struc
201 udp = (struct udphdr*) (mtod(mo, char*) + roff); 201 udp = (struct udphdr*) (mtod(mo, char*) + roff);
202 data = (uint64_t*) (udp + 1); 202 data = (uint64_t*) (udp + 1);
203 203
204 if (sav->natt_type == UDP_ENCAP_ESPINUDP_NON_IKE) 204 if (sav->natt_type == UDP_ENCAP_ESPINUDP_NON_IKE)
205 *data = 0; /* NON-IKE Marker */ 205 *data = 0; /* NON-IKE Marker */
206 206
207 if (sav->natt_type == UDP_ENCAP_ESPINUDP_NON_IKE) 207 if (sav->natt_type == UDP_ENCAP_ESPINUDP_NON_IKE)
208 udp->uh_sport = htons(UDP_ENCAP_ESPINUDP_PORT); 208 udp->uh_sport = htons(UDP_ENCAP_ESPINUDP_PORT);
209 else 209 else
210 udp->uh_sport = key_portfromsaddr(&saidx->src); 210 udp->uh_sport = key_portfromsaddr(&saidx->src);
211  211
212 udp->uh_dport = key_portfromsaddr(&saidx->dst); 212 udp->uh_dport = key_portfromsaddr(&saidx->dst);
213 udp->uh_sum = 0; 213 udp->uh_sum = 0;
214 udp->uh_ulen = htons(m->m_pkthdr.len - (ip->ip_hl << 2)); 214 udp->uh_ulen = htons(m->m_pkthdr.len - (ip->ip_hl << 2));
215 } 215 }
216#endif /* IPSEC_NAT_T */ 216#endif /* IPSEC_NAT_T */
217  217
218 switch (saidx->dst.sa.sa_family) { 218 switch (saidx->dst.sa.sa_family) {
219#ifdef INET 219#ifdef INET
220 case AF_INET: 220 case AF_INET:
221 /* Fix the header length, for AH processing. */ 221 /* Fix the header length, for AH processing. */
222 ip = mtod(m, struct ip *); 222 ip = mtod(m, struct ip *);
223 ip->ip_len = htons(m->m_pkthdr.len); 223 ip->ip_len = htons(m->m_pkthdr.len);
224#ifdef IPSEC_NAT_T 224#ifdef IPSEC_NAT_T
225 if (sav->natt_type != 0) 225 if (sav->natt_type != 0)
226 ip->ip_p = IPPROTO_UDP; 226 ip->ip_p = IPPROTO_UDP;
227#endif /* IPSEC_NAT_T */ 227#endif /* IPSEC_NAT_T */
@@ -253,41 +253,41 @@ ipsec_process_done(struct mbuf *m, struc @@ -253,41 +253,41 @@ ipsec_process_done(struct mbuf *m, struc
253 error = ENXIO; 253 error = ENXIO;
254 goto bad; 254 goto bad;
255 } 255 }
256 256
257 /* 257 /*
258 * If there's another (bundled) SA to apply, do so. 258 * If there's another (bundled) SA to apply, do so.
259 * Note that this puts a burden on the kernel stack size. 259 * Note that this puts a burden on the kernel stack size.
260 * If this is a problem we'll need to introduce a queue 260 * If this is a problem we'll need to introduce a queue
261 * to set the packet on so we can unwind the stack before 261 * to set the packet on so we can unwind the stack before
262 * doing further processing. 262 * doing further processing.
263 */ 263 */
264 if (isr->next) { 264 if (isr->next) {
265 IPSEC_STATINC(IPSEC_STAT_OUT_BUNDLESA); 265 IPSEC_STATINC(IPSEC_STAT_OUT_BUNDLESA);
266 switch ( saidx->dst.sa.sa_family ) { 266 switch ( saidx->dst.sa.sa_family ) {
267#ifdef INET 267#ifdef INET
268 case AF_INET: 268 case AF_INET:
269 return ipsec4_process_packet(m, isr->next, 0,0); 269 return ipsec4_process_packet(m, isr->next, 0,0);
270#endif /* INET */ 270#endif /* INET */
271#ifdef INET6 271#ifdef INET6
272 case AF_INET6: 272 case AF_INET6:
273 return ipsec6_process_packet(m,isr->next); 273 return ipsec6_process_packet(m,isr->next);
274#endif /* INET6 */ 274#endif /* INET6 */
275 default : 275 default :
276 DPRINTF(("ipsec_process_done: unknown protocol family %u\n", 276 DPRINTF(("ipsec_process_done: unknown protocol family %u\n",
277 saidx->dst.sa.sa_family)); 277 saidx->dst.sa.sa_family));
278 error = ENXIO; 278 error = ENXIO;
279 goto bad; 279 goto bad;
280 } 280 }
281 } 281 }
282 282
283 /* 283 /*
284 * We're done with IPsec processing,  284 * We're done with IPsec processing,
285 * mark that we have already processed the packet 285 * mark that we have already processed the packet
286 * transmit it packet using the appropriate network protocol (IP or IPv6).  286 * transmit it packet using the appropriate network protocol (IP or IPv6).
287 */ 287 */
288 288
289 if (ipsec_register_done(m, &error) < 0) 289 if (ipsec_register_done(m, &error) < 0)
290 goto bad; 290 goto bad;
291 291
292 return ipsec_reinject_ipstack(m, saidx->dst.sa.sa_family); 292 return ipsec_reinject_ipstack(m, saidx->dst.sa.sa_family);
293bad: 293bad: