 @@ -1,1147 +1,1147 @@
-/*	$NetBSD: tcp_input.c,v 1.291.4.5 2010/06/11 23:36:07 riz Exp $	*/
+/*	$NetBSD: tcp_input.c,v 1.291.4.5.6.1 2015/07/24 07:44:35 martin Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the project nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 /*
  *      @(#)COPYRIGHT   1.1 (NRL) 17 January 1995
+ *
  * NRL grants permission for redistribution and use in source and binary
  * forms, with or without modification, of the software and documentation
  * created at NRL provided that the following conditions are met:
+ *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. All advertising materials mentioning features or use of this software
  *    must display the following acknowledgements:
  *      This product includes software developed by the University of
  *      California, Berkeley and its contributors.
  *      This product includes software developed at the Information
  *      Technology Division, US Naval Research Laboratory.
  * 4. Neither the name of the NRL nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS
  * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
  * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL NRL OR
  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
  * The views and conclusions contained in the software and documentation
  * are those of the authors and should not be interpreted as representing
  * official policies, either expressed or implied, of the US Naval
  * Research Laboratory (NRL).
  */
 /*-
  * Copyright (c) 1997, 1998, 1999, 2001, 2005, 2006 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Jason R. Thorpe and Kevin M. Lahey of the Numerical Aerospace Simulation
  * Facility, NASA Ames Research Center.
  * This code is derived from software contributed to The NetBSD Foundation
  * by Charles M. Hannum.
  * This code is derived from software contributed to The NetBSD Foundation
  * by Rui Paulo.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995
  *	The Regents of the University of California.  All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)tcp_input.c	8.12 (Berkeley) 5/24/95
  */
 /*
  *	TODO list for SYN cache stuff:
+ *
  *	Find room for a "state" field, which is needed to keep a
  *	compressed state for TIME_WAIT TCBs.  It's been noted already
  *	that this is fairly important for very high-volume web and
  *	mail servers, which use a large number of short-lived
  *	connections.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.291.4.5 2010/06/11 23:36:07 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.291.4.5.6.1 2015/07/24 07:44:35 martin Exp $");
 #include "opt_inet.h"
 #include "opt_ipsec.h"
 #include "opt_inet_csum.h"
 #include "opt_tcp_debug.h"
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/errno.h>
 #include <sys/syslog.h>
 #include <sys/pool.h>
 #include <sys/domain.h>
 #include <sys/kernel.h>
 #ifdef TCP_SIGNATURE
 #include <sys/md5.h>
 #endif
 #include <sys/lwp.h> /* for lwp0 */
 #include <net/if.h>
 #include <net/route.h>
 #include <net/if_types.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 #include <netinet/in_pcb.h>
 #include <netinet/in_var.h>
 #include <netinet/ip_var.h>
 #include <netinet/in_offload.h>
 #ifdef INET6
 #ifndef INET
 #include <netinet/in.h>
 #endif
 #include <netinet/ip6.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/in6_pcb.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/in6_var.h>
 #include <netinet/icmp6.h>
 #include <netinet6/nd6.h>
 #ifdef TCP_SIGNATURE
 #include <netinet6/scope6_var.h>
 #endif
 #endif
 #ifndef INET6
 /* always need ip6.h for IP6_EXTHDR_GET */
 #include <netinet/ip6.h>
 #endif
 #include <netinet/tcp.h>
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet/tcp_private.h>
 #include <netinet/tcpip.h>
 #include <netinet/tcp_congctl.h>
 #include <netinet/tcp_debug.h>
 #include <machine/stdarg.h>
 #ifdef IPSEC
 #include <netinet6/ipsec.h>
 #include <netinet6/ipsec_private.h>
 #include <netkey/key.h>
 #endif /*IPSEC*/
 #ifdef INET6
 #include "faith.h"
 #if defined(NFAITH) && NFAITH > 0
 #include <net/if_faith.h>
 #endif
 #endif	/* IPSEC */
 #ifdef FAST_IPSEC
 #include <netipsec/ipsec.h>
 #include <netipsec/ipsec_var.h>
 #include <netipsec/ipsec_private.h>
 #include <netipsec/key.h>
 #ifdef INET6
 #include <netipsec/ipsec6.h>
 #endif
 #endif	/* FAST_IPSEC*/
 int	tcprexmtthresh = 3;
 int	tcp_log_refused;
 int	tcp_do_autorcvbuf = 0;
 int	tcp_autorcvbuf_inc = 16 * 1024;
 int	tcp_autorcvbuf_max = 256 * 1024;
 int	tcp_msl = (TCPTV_MSL / PR_SLOWHZ);
 static int tcp_rst_ppslim_count = 0;
 static struct timeval tcp_rst_ppslim_last;
 static int tcp_ackdrop_ppslim_count = 0;
 static struct timeval tcp_ackdrop_ppslim_last;
 #define TCP_PAWS_IDLE	(24U * 24 * 60 * 60 * PR_SLOWHZ)
 /* for modulo comparisons of timestamps */
 #define TSTMP_LT(a,b)	((int)((a)-(b)) < 0)
 #define TSTMP_GEQ(a,b)	((int)((a)-(b)) >= 0)
 /*
  * Neighbor Discovery, Neighbor Unreachability Detection Upper layer hint.
  */
 #ifdef INET6
 static inline void
 nd6_hint(struct tcpcb *tp)
+{
 	struct rtentry *rt;
 	if (tp != NULL && tp->t_in6pcb != NULL && tp->t_family == AF_INET6 &&
 	    (rt = rtcache_validate(&tp->t_in6pcb->in6p_route)) != NULL)
 		nd6_nud_hint(rt, NULL, 0);
+}
 #else
 static inline void
 nd6_hint(struct tcpcb *tp)
+{
+}
 #endif
 /*
  * Compute ACK transmission behavior.  Delay the ACK unless
  * we have already delayed an ACK (must send an ACK every two segments).
  * We also ACK immediately if we received a PUSH and the ACK-on-PUSH
  * option is enabled.
  */
 static void
 tcp_setup_ack(struct tcpcb *tp, const struct tcphdr *th)
+{
 	if (tp->t_flags & TF_DELACK ||
 	    (tcp_ack_on_push && th->th_flags & TH_PUSH))
 		tp->t_flags |= TF_ACKNOW;
 	else
 		TCP_SET_DELACK(tp);
+}
 static void
 icmp_check(struct tcpcb *tp, const struct tcphdr *th, int acked)
+{
 	/*
 	 * If we had a pending ICMP message that refers to data that have
 	 * just been acknowledged, disregard the recorded ICMP message.
 	 */
 	if ((tp->t_flags & TF_PMTUD_PEND) &&
 	    SEQ_GT(th->th_ack, tp->t_pmtud_th_seq))
 		tp->t_flags &= ~TF_PMTUD_PEND;
 	/*
 	 * Keep track of the largest chunk of data
 	 * acknowledged since last PMTU update
 	 */
 	if (tp->t_pmtud_mss_acked < acked)
 		tp->t_pmtud_mss_acked = acked;
+}
 /*
  * Convert TCP protocol fields to host order for easier processing.
  */
 static void
 tcp_fields_to_host(struct tcphdr *th)
+{
 	NTOHL(th->th_seq);
 	NTOHL(th->th_ack);
 	NTOHS(th->th_win);
 	NTOHS(th->th_urp);
+}
 /*
  * ... and reverse the above.
  */
 static void
 tcp_fields_to_net(struct tcphdr *th)
+{
 	HTONL(th->th_seq);
 	HTONL(th->th_ack);
 	HTONS(th->th_win);
 	HTONS(th->th_urp);
+}
 #ifdef TCP_CSUM_COUNTERS
 #include <sys/device.h>
 #if defined(INET)
 extern struct evcnt tcp_hwcsum_ok;
 extern struct evcnt tcp_hwcsum_bad;
 extern struct evcnt tcp_hwcsum_data;
 extern struct evcnt tcp_swcsum;
 #endif /* defined(INET) */
 #if defined(INET6)
 extern struct evcnt tcp6_hwcsum_ok;
 extern struct evcnt tcp6_hwcsum_bad;
 extern struct evcnt tcp6_hwcsum_data;
 extern struct evcnt tcp6_swcsum;
 #endif /* defined(INET6) */
 #define	TCP_CSUM_COUNTER_INCR(ev)	(ev)->ev_count++
 #else
 #define	TCP_CSUM_COUNTER_INCR(ev)	/* nothing */
 #endif /* TCP_CSUM_COUNTERS */
 #ifdef TCP_REASS_COUNTERS
 #include <sys/device.h>
 extern struct evcnt tcp_reass_;
 extern struct evcnt tcp_reass_empty;
 extern struct evcnt tcp_reass_iteration[8];
 extern struct evcnt tcp_reass_prependfirst;
 extern struct evcnt tcp_reass_prepend;
 extern struct evcnt tcp_reass_insert;
 extern struct evcnt tcp_reass_inserttail;
 extern struct evcnt tcp_reass_append;
 extern struct evcnt tcp_reass_appendtail;
 extern struct evcnt tcp_reass_overlaptail;
 extern struct evcnt tcp_reass_overlapfront;
 extern struct evcnt tcp_reass_segdup;
 extern struct evcnt tcp_reass_fragdup;
 #define	TCP_REASS_COUNTER_INCR(ev)	(ev)->ev_count++
 #else
 #define	TCP_REASS_COUNTER_INCR(ev)	/* nothing */
 #endif /* TCP_REASS_COUNTERS */
 static int tcp_reass(struct tcpcb *, const struct tcphdr *, struct mbuf *,
     int *);
 static int tcp_dooptions(struct tcpcb *, const u_char *, int,
     struct tcphdr *, struct mbuf *, int, struct tcp_opt_info *);
 #ifdef INET
 static void tcp4_log_refused(const struct ip *, const struct tcphdr *);
 #endif
 #ifdef INET6
 static void tcp6_log_refused(const struct ip6_hdr *, const struct tcphdr *);
 #endif
 #define	TRAVERSE(x) while ((x)->m_next) (x) = (x)->m_next
 #if defined(MBUFTRACE)
 struct mowner tcp_reass_mowner = MOWNER_INIT("tcp", "reass");
 #endif /* defined(MBUFTRACE) */
 static POOL_INIT(tcpipqent_pool, sizeof(struct ipqent), 0, 0, 0, "tcpipqepl",
     NULL, IPL_VM);
 struct ipqent *
 tcpipqent_alloc(void)
+{
 	struct ipqent *ipqe;
 	int s;
 	s = splvm();
 	ipqe = pool_get(&tcpipqent_pool, PR_NOWAIT);
 	splx(s);
 	return ipqe;
+}
 void
 tcpipqent_free(struct ipqent *ipqe)
+{
 	int s;
 	s = splvm();
 	pool_put(&tcpipqent_pool, ipqe);
 	splx(s);
+}
 static int
 tcp_reass(struct tcpcb *tp, const struct tcphdr *th, struct mbuf *m, int *tlen)
+{
 	struct ipqent *p, *q, *nq, *tiqe = NULL;
 	struct socket *so = NULL;
 	int pkt_flags;
 	tcp_seq pkt_seq;
 	unsigned pkt_len;
 	u_long rcvpartdupbyte = 0;
 	u_long rcvoobyte;
 #ifdef TCP_REASS_COUNTERS
 	u_int count = 0;
 #endif
 	uint64_t *tcps;
 	if (tp->t_inpcb)
 		so = tp->t_inpcb->inp_socket;
 #ifdef INET6
 	else if (tp->t_in6pcb)
 		so = tp->t_in6pcb->in6p_socket;
 #endif
 	TCP_REASS_LOCK_CHECK(tp);
 	/*
 	 * Call with th==0 after become established to
 	 * force pre-ESTABLISHED data up to user socket.
 	 */
 	if (th == 0)
 		goto present;
 	m_claimm(m, &tcp_reass_mowner);
 	rcvoobyte = *tlen;
 	/*
 	 * Copy these to local variables because the tcpiphdr
 	 * gets munged while we are collapsing mbufs.
 	 */
 	pkt_seq = th->th_seq;
 	pkt_len = *tlen;
 	pkt_flags = th->th_flags;
 	TCP_REASS_COUNTER_INCR(&tcp_reass_);
 	if ((p = TAILQ_LAST(&tp->segq, ipqehead)) != NULL) {
 		/*
 		 * When we miss a packet, the vast majority of time we get
 		 * packets that follow it in order.  So optimize for that.
 		 */
 		if (pkt_seq == p->ipqe_seq + p->ipqe_len) {
 			p->ipqe_len += pkt_len;
 			p->ipqe_flags |= pkt_flags;
 			m_cat(p->ipre_mlast, m);
 			TRAVERSE(p->ipre_mlast);
 			m = NULL;
 			tiqe = p;
 			TAILQ_REMOVE(&tp->timeq, p, ipqe_timeq);
 			TCP_REASS_COUNTER_INCR(&tcp_reass_appendtail);
 			goto skip_replacement;
+		}
 		/*
 		 * While we're here, if the pkt is completely beyond
 		 * anything we have, just insert it at the tail.
 		 */
 		if (SEQ_GT(pkt_seq, p->ipqe_seq + p->ipqe_len)) {
 			TCP_REASS_COUNTER_INCR(&tcp_reass_inserttail);
 			goto insert_it;
+		}
+	}
 	q = TAILQ_FIRST(&tp->segq);
 	if (q != NULL) {
 		/*
 		 * If this segment immediately precedes the first out-of-order
 		 * block, simply slap the segment in front of it and (mostly)
 		 * skip the complicated logic.
 		 */
 		if (pkt_seq + pkt_len == q->ipqe_seq) {
 			q->ipqe_seq = pkt_seq;
 			q->ipqe_len += pkt_len;
 			q->ipqe_flags |= pkt_flags;
 			m_cat(m, q->ipqe_m);
 			q->ipqe_m = m;
 			q->ipre_mlast = m; /* last mbuf may have changed */
 			TRAVERSE(q->ipre_mlast);
 			tiqe = q;
 			TAILQ_REMOVE(&tp->timeq, q, ipqe_timeq);
 			TCP_REASS_COUNTER_INCR(&tcp_reass_prependfirst);
 			goto skip_replacement;
+		}
 	} else {
 		TCP_REASS_COUNTER_INCR(&tcp_reass_empty);
+	}
 	/*
 	 * Find a segment which begins after this one does.
 	 */
 	for (p = NULL; q != NULL; q = nq) {
 		nq = TAILQ_NEXT(q, ipqe_q);
 #ifdef TCP_REASS_COUNTERS
 		count++;
 #endif
 		/*
 		 * If the received segment is just right after this
 		 * fragment, merge the two together and then check
 		 * for further overlaps.
 		 */
 		if (q->ipqe_seq + q->ipqe_len == pkt_seq) {
 #ifdef TCPREASS_DEBUG
 			printf("tcp_reass[%p]: concat %u:%u(%u) to %u:%u(%u)\n",
 			       tp, pkt_seq, pkt_seq + pkt_len, pkt_len,
 			       q->ipqe_seq, q->ipqe_seq + q->ipqe_len, q->ipqe_len);
 #endif
 			pkt_len += q->ipqe_len;
 			pkt_flags |= q->ipqe_flags;
 			pkt_seq = q->ipqe_seq;
 			m_cat(q->ipre_mlast, m);
 			TRAVERSE(q->ipre_mlast);
 			m = q->ipqe_m;
 			TCP_REASS_COUNTER_INCR(&tcp_reass_append);
 			goto free_ipqe;
+		}
 		/*
 		 * If the received segment is completely past this
 		 * fragment, we need to go the next fragment.
 		 */
 		if (SEQ_LT(q->ipqe_seq + q->ipqe_len, pkt_seq)) {
 			p = q;
 			continue;
+		}
 		/*
 		 * If the fragment is past the received segment,
 		 * it (or any following) can't be concatenated.
 		 */
 		if (SEQ_GT(q->ipqe_seq, pkt_seq + pkt_len)) {
 			TCP_REASS_COUNTER_INCR(&tcp_reass_insert);
 			break;
+		}
 		/*
 		 * We've received all the data in this segment before.
 		 * mark it as a duplicate and return.
 		 */
 		if (SEQ_LEQ(q->ipqe_seq, pkt_seq) &&
 		    SEQ_GEQ(q->ipqe_seq + q->ipqe_len, pkt_seq + pkt_len)) {
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_RCVDUPPACK]++;
 			tcps[TCP_STAT_RCVDUPBYTE] += pkt_len;
 			TCP_STAT_PUTREF();
 			tcp_new_dsack(tp, pkt_seq, pkt_len);
 			m_freem(m);
 			if (tiqe != NULL) {
 				tcpipqent_free(tiqe);
+			}
 			TCP_REASS_COUNTER_INCR(&tcp_reass_segdup);
 			return (0);
+		}
 		/*
 		 * Received segment completely overlaps this fragment
 		 * so we drop the fragment (this keeps the temporal
 		 * ordering of segments correct).
 		 */
 		if (SEQ_GEQ(q->ipqe_seq, pkt_seq) &&
 		    SEQ_LEQ(q->ipqe_seq + q->ipqe_len, pkt_seq + pkt_len)) {
 			rcvpartdupbyte += q->ipqe_len;
 			m_freem(q->ipqe_m);
 			TCP_REASS_COUNTER_INCR(&tcp_reass_fragdup);
 			goto free_ipqe;
+		}
 		/*
 		 * RX'ed segment extends past the end of the
 		 * fragment.  Drop the overlapping bytes.  Then
 		 * merge the fragment and segment then treat as
 		 * a longer received packet.
 		 */
 		if (SEQ_LT(q->ipqe_seq, pkt_seq) &&
 		    SEQ_GT(q->ipqe_seq + q->ipqe_len, pkt_seq))  {
 			int overlap = q->ipqe_seq + q->ipqe_len - pkt_seq;
 #ifdef TCPREASS_DEBUG
 			printf("tcp_reass[%p]: trim starting %d bytes of %u:%u(%u)\n",
 			       tp, overlap,
 			       pkt_seq, pkt_seq + pkt_len, pkt_len);
 #endif
 			m_adj(m, overlap);
 			rcvpartdupbyte += overlap;
 			m_cat(q->ipre_mlast, m);
 			TRAVERSE(q->ipre_mlast);
 			m = q->ipqe_m;
 			pkt_seq = q->ipqe_seq;
 			pkt_len += q->ipqe_len - overlap;
 			rcvoobyte -= overlap;
 			TCP_REASS_COUNTER_INCR(&tcp_reass_overlaptail);
 			goto free_ipqe;
+		}
 		/*
 		 * RX'ed segment extends past the front of the
 		 * fragment.  Drop the overlapping bytes on the
 		 * received packet.  The packet will then be
 		 * contatentated with this fragment a bit later.
 		 */
 		if (SEQ_GT(q->ipqe_seq, pkt_seq) &&
 		    SEQ_LT(q->ipqe_seq, pkt_seq + pkt_len))  {
 			int overlap = pkt_seq + pkt_len - q->ipqe_seq;
 #ifdef TCPREASS_DEBUG
 			printf("tcp_reass[%p]: trim trailing %d bytes of %u:%u(%u)\n",
 			       tp, overlap,
 			       pkt_seq, pkt_seq + pkt_len, pkt_len);
 #endif
 			m_adj(m, -overlap);
 			pkt_len -= overlap;
 			rcvpartdupbyte += overlap;
 			TCP_REASS_COUNTER_INCR(&tcp_reass_overlapfront);
 			rcvoobyte -= overlap;
+		}
 		/*
 		 * If the received segment immediates precedes this
 		 * fragment then tack the fragment onto this segment
 		 * and reinsert the data.
 		 */
 		if (q->ipqe_seq == pkt_seq + pkt_len) {
 #ifdef TCPREASS_DEBUG
 			printf("tcp_reass[%p]: append %u:%u(%u) to %u:%u(%u)\n",
 			       tp, q->ipqe_seq, q->ipqe_seq + q->ipqe_len, q->ipqe_len,
 			       pkt_seq, pkt_seq + pkt_len, pkt_len);
 #endif
 			pkt_len += q->ipqe_len;
 			pkt_flags |= q->ipqe_flags;
 			m_cat(m, q->ipqe_m);
 			TAILQ_REMOVE(&tp->segq, q, ipqe_q);
 			TAILQ_REMOVE(&tp->timeq, q, ipqe_timeq);
 			tp->t_segqlen--;
 			KASSERT(tp->t_segqlen >= 0);
 			KASSERT(tp->t_segqlen != 0 ||
 			    (TAILQ_EMPTY(&tp->segq) &&
 			    TAILQ_EMPTY(&tp->timeq)));
 			if (tiqe == NULL) {
 				tiqe = q;
 			} else {
 				tcpipqent_free(q);
+			}
 			TCP_REASS_COUNTER_INCR(&tcp_reass_prepend);
 			break;
+		}
 		/*
 		 * If the fragment is before the segment, remember it.
 		 * When this loop is terminated, p will contain the
 		 * pointer to fragment that is right before the received
 		 * segment.
 		 */
 		if (SEQ_LEQ(q->ipqe_seq, pkt_seq))
 			p = q;
 		continue;
 		/*
 		 * This is a common operation.  It also will allow
 		 * to save doing a malloc/free in most instances.
 		 */
 	  free_ipqe:
 		TAILQ_REMOVE(&tp->segq, q, ipqe_q);
 		TAILQ_REMOVE(&tp->timeq, q, ipqe_timeq);
 		tp->t_segqlen--;
 		KASSERT(tp->t_segqlen >= 0);
 		KASSERT(tp->t_segqlen != 0 ||
 		    (TAILQ_EMPTY(&tp->segq) && TAILQ_EMPTY(&tp->timeq)));
 		if (tiqe == NULL) {
 			tiqe = q;
 		} else {
 			tcpipqent_free(q);
+		}
+	}
 #ifdef TCP_REASS_COUNTERS
 	if (count > 7)
 		TCP_REASS_COUNTER_INCR(&tcp_reass_iteration[0]);
 	else if (count > 0)
 		TCP_REASS_COUNTER_INCR(&tcp_reass_iteration[count]);
 #endif
     insert_it:
 	/*
 	 * Allocate a new queue entry since the received segment did not
 	 * collapse onto any other out-of-order block; thus we are allocating
 	 * a new block.  If it had collapsed, tiqe would not be NULL and
 	 * we would be reusing it.
 	 * XXX If we can't, just drop the packet.  XXX
 	 */
 	if (tiqe == NULL) {
 		tiqe = tcpipqent_alloc();
 		if (tiqe == NULL) {
 			TCP_STATINC(TCP_STAT_RCVMEMDROP);
 			m_freem(m);
 			return (0);
+		}
+	}
 	/*
 	 * Update the counters.
 	 */
 	tcps = TCP_STAT_GETREF();
 	tcps[TCP_STAT_RCVOOPACK]++;
 	tcps[TCP_STAT_RCVOOBYTE] += rcvoobyte;
 	if (rcvpartdupbyte) {
 	    tcps[TCP_STAT_RCVPARTDUPPACK]++;
 	    tcps[TCP_STAT_RCVPARTDUPBYTE] += rcvpartdupbyte;
+	}
 	TCP_STAT_PUTREF();
 	/*
 	 * Insert the new fragment queue entry into both queues.
 	 */
 	tiqe->ipqe_m = m;
 	tiqe->ipre_mlast = m;
 	tiqe->ipqe_seq = pkt_seq;
 	tiqe->ipqe_len = pkt_len;
 	tiqe->ipqe_flags = pkt_flags;
 	if (p == NULL) {
 		TAILQ_INSERT_HEAD(&tp->segq, tiqe, ipqe_q);
 #ifdef TCPREASS_DEBUG
 		if (tiqe->ipqe_seq != tp->rcv_nxt)
 			printf("tcp_reass[%p]: insert %u:%u(%u) at front\n",
 			       tp, pkt_seq, pkt_seq + pkt_len, pkt_len);
 #endif
 	} else {
 		TAILQ_INSERT_AFTER(&tp->segq, p, tiqe, ipqe_q);
 #ifdef TCPREASS_DEBUG
 		printf("tcp_reass[%p]: insert %u:%u(%u) after %u:%u(%u)\n",
 		       tp, pkt_seq, pkt_seq + pkt_len, pkt_len,
 		       p->ipqe_seq, p->ipqe_seq + p->ipqe_len, p->ipqe_len);
 #endif
+	}
 	tp->t_segqlen++;
 skip_replacement:
 	TAILQ_INSERT_HEAD(&tp->timeq, tiqe, ipqe_timeq);
 present:
 	/*
 	 * Present data to user, advancing rcv_nxt through
 	 * completed sequence space.
 	 */
 	if (TCPS_HAVEESTABLISHED(tp->t_state) == 0)
 		return (0);
 	q = TAILQ_FIRST(&tp->segq);
 	if (q == NULL || q->ipqe_seq != tp->rcv_nxt)
 		return (0);
 	if (tp->t_state == TCPS_SYN_RECEIVED && q->ipqe_len)
 		return (0);
 	tp->rcv_nxt += q->ipqe_len;
 	pkt_flags = q->ipqe_flags & TH_FIN;
 	nd6_hint(tp);
 	TAILQ_REMOVE(&tp->segq, q, ipqe_q);
 	TAILQ_REMOVE(&tp->timeq, q, ipqe_timeq);
 	tp->t_segqlen--;
 	KASSERT(tp->t_segqlen >= 0);
 	KASSERT(tp->t_segqlen != 0 ||
 	    (TAILQ_EMPTY(&tp->segq) && TAILQ_EMPTY(&tp->timeq)));
 	if (so->so_state & SS_CANTRCVMORE)
 		m_freem(q->ipqe_m);
 	else
 		sbappendstream(&so->so_rcv, q->ipqe_m);
 	tcpipqent_free(q);
 	sorwakeup(so);
 	return (pkt_flags);
+}
 #ifdef INET6
 int
 tcp6_input(struct mbuf **mp, int *offp, int proto)
+{
 	struct mbuf *m = *mp;
 	/*
 	 * draft-itojun-ipv6-tcp-to-anycast
 	 * better place to put this in?
 	 */
 	if (m->m_flags & M_ANYCAST6) {
 		struct ip6_hdr *ip6;
 		if (m->m_len < sizeof(struct ip6_hdr)) {
 			if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
 				TCP_STATINC(TCP_STAT_RCVSHORT);
 				return IPPROTO_DONE;
+			}
+		}
 		ip6 = mtod(m, struct ip6_hdr *);
 		icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADDR,
 		    (char *)&ip6->ip6_dst - (char *)ip6);
 		return IPPROTO_DONE;
+	}
 	tcp_input(m, *offp, proto);
 	return IPPROTO_DONE;
+}
 #endif
 #ifdef INET
 static void
 tcp4_log_refused(const struct ip *ip, const struct tcphdr *th)
+{
 	char src[4*sizeof "123"];
 	char dst[4*sizeof "123"];
 	if (ip) {
 		strlcpy(src, inet_ntoa(ip->ip_src), sizeof(src));
 		strlcpy(dst, inet_ntoa(ip->ip_dst), sizeof(dst));
+	}
 	else {
 		strlcpy(src, "(unknown)", sizeof(src));
 		strlcpy(dst, "(unknown)", sizeof(dst));
+	}
 	log(LOG_INFO,
 	    "Connection attempt to TCP %s:%d from %s:%d\n",
 	    dst, ntohs(th->th_dport),
 	    src, ntohs(th->th_sport));
+}
 #endif
 #ifdef INET6
 static void
 tcp6_log_refused(const struct ip6_hdr *ip6, const struct tcphdr *th)
+{
 	char src[INET6_ADDRSTRLEN];
 	char dst[INET6_ADDRSTRLEN];
 	if (ip6) {
 		strlcpy(src, ip6_sprintf(&ip6->ip6_src), sizeof(src));
 		strlcpy(dst, ip6_sprintf(&ip6->ip6_dst), sizeof(dst));
+	}
 	else {
 		strlcpy(src, "(unknown v6)", sizeof(src));
 		strlcpy(dst, "(unknown v6)", sizeof(dst));
+	}
 	log(LOG_INFO,
 	    "Connection attempt to TCP [%s]:%d from [%s]:%d\n",
 	    dst, ntohs(th->th_dport),
 	    src, ntohs(th->th_sport));
+}
 #endif
 /*
  * Checksum extended TCP header and data.
  */
 int
 tcp_input_checksum(int af, struct mbuf *m, const struct tcphdr *th,
     int toff, int off, int tlen)
+{
 	/*
 	 * XXX it's better to record and check if this mbuf is
 	 * already checked.
 	 */
 	switch (af) {
 #ifdef INET
 	case AF_INET:
 		switch (m->m_pkthdr.csum_flags &
 			((m->m_pkthdr.rcvif->if_csum_flags_rx & M_CSUM_TCPv4) |
 			 M_CSUM_TCP_UDP_BAD | M_CSUM_DATA)) {
 		case M_CSUM_TCPv4|M_CSUM_TCP_UDP_BAD:
 			TCP_CSUM_COUNTER_INCR(&tcp_hwcsum_bad);
 			goto badcsum;
 		case M_CSUM_TCPv4|M_CSUM_DATA: {
 			u_int32_t hw_csum = m->m_pkthdr.csum_data;
 			TCP_CSUM_COUNTER_INCR(&tcp_hwcsum_data);
 			if (m->m_pkthdr.csum_flags & M_CSUM_NO_PSEUDOHDR) {
 				const struct ip *ip =
 				    mtod(m, const struct ip *);
 				hw_csum = in_cksum_phdr(ip->ip_src.s_addr,
 				    ip->ip_dst.s_addr,
 				    htons(hw_csum + tlen + off + IPPROTO_TCP));
+			}
 			if ((hw_csum ^ 0xffff) != 0)
 				goto badcsum;
 			break;
+		}
 		case M_CSUM_TCPv4:
 			/* Checksum was okay. */
 			TCP_CSUM_COUNTER_INCR(&tcp_hwcsum_ok);
 			break;
 		default:
 			/*
 			 * Must compute it ourselves.  Maybe skip checksum
 			 * on loopback interfaces.
 			 */
 			if (__predict_true(!(m->m_pkthdr.rcvif->if_flags &
 					     IFF_LOOPBACK) ||
 					   tcp_do_loopback_cksum)) {
 				TCP_CSUM_COUNTER_INCR(&tcp_swcsum);
 				if (in4_cksum(m, IPPROTO_TCP, toff,
 					      tlen + off) != 0)
 					goto badcsum;
+			}
 			break;
+		}
 		break;
 #endif /* INET4 */
 #ifdef INET6
 	case AF_INET6:
 		switch (m->m_pkthdr.csum_flags &
 			((m->m_pkthdr.rcvif->if_csum_flags_rx & M_CSUM_TCPv6) |
 			 M_CSUM_TCP_UDP_BAD | M_CSUM_DATA)) {
 		case M_CSUM_TCPv6|M_CSUM_TCP_UDP_BAD:
 			TCP_CSUM_COUNTER_INCR(&tcp6_hwcsum_bad);
 			goto badcsum;
 #if 0 /* notyet */
 		case M_CSUM_TCPv6|M_CSUM_DATA:
 #endif
 		case M_CSUM_TCPv6:
 			/* Checksum was okay. */
 			TCP_CSUM_COUNTER_INCR(&tcp6_hwcsum_ok);
 			break;
 		default:
 			/*
 			 * Must compute it ourselves.  Maybe skip checksum
 			 * on loopback interfaces.
 			 */
 			if (__predict_true((m->m_flags & M_LOOP) == 0 ||
 			    tcp_do_loopback_cksum)) {
 				TCP_CSUM_COUNTER_INCR(&tcp6_swcsum);
 				if (in6_cksum(m, IPPROTO_TCP, toff,
 				    tlen + off) != 0)
 					goto badcsum;
+			}
+		}
 		break;
 #endif /* INET6 */
+	}
 	return 0;
 badcsum:
 	TCP_STATINC(TCP_STAT_RCVBADSUM);
 	return -1;
+}
 /*
  * TCP input routine, follows pages 65-76 of RFC 793 very closely.
  */
 void
 tcp_input(struct mbuf *m, ...)
+{
 	struct tcphdr *th;
 	struct ip *ip;
 	struct inpcb *inp;
 #ifdef INET6
 	struct ip6_hdr *ip6;
 	struct in6pcb *in6p;
 #endif
 	u_int8_t *optp = NULL;
 	int optlen = 0;
 	int len, tlen, toff, hdroptlen = 0;
 	struct tcpcb *tp = 0;
 	int tiflags;
 	struct socket *so = NULL;
 	int todrop, dupseg, acked, ourfinisacked, needoutput = 0;
 #ifdef TCP_DEBUG
 	short ostate = 0;
 #endif
 	u_long tiwin;
 	struct tcp_opt_info opti;
 	int off, iphlen;
 	va_list ap;
 	int af;		/* af on the wire */
 	struct mbuf *tcp_saveti = NULL;
 	uint32_t ts_rtt;
 	uint8_t iptos;
 	uint64_t *tcps;
 	MCLAIM(m, &tcp_rx_mowner);
 	va_start(ap, m);
 	toff = va_arg(ap, int);
 	(void)va_arg(ap, int);		/* ignore value, advance ap */
 	va_end(ap);
 	TCP_STATINC(TCP_STAT_RCVTOTAL);
 	bzero(&opti, sizeof(opti));
 	opti.ts_present = 0;
 	opti.maxseg = 0;
 	/*
 	 * RFC1122 4.2.3.10, p. 104: discard bcast/mcast SYN.
+	 *
 	 * TCP is, by definition, unicast, so we reject all
 	 * multicast outright.
+	 *
 	 * Note, there are additional src/dst address checks in
 	 * the AF-specific code below.
 	 */
 	if (m->m_flags & (M_BCAST|M_MCAST)) {
 		/* XXX stat */
 		goto drop;
+	}
 #ifdef INET6
 	if (m->m_flags & M_ANYCAST6) {
 		/* XXX stat */
 		goto drop;
+	}
 #endif
 	/*
 	 * Get IP and TCP header.
 	 * Note: IP leaves IP header in first mbuf.
 	 */
 	ip = mtod(m, struct ip *);
 #ifdef INET6
 	ip6 = NULL;
 #endif
 	switch (ip->ip_v) {
 #ifdef INET
 	case 4:
 		af = AF_INET;
 		iphlen = sizeof(struct ip);
 		ip = mtod(m, struct ip *);
 		IP6_EXTHDR_GET(th, struct tcphdr *, m, toff,
 			sizeof(struct tcphdr));
 		if (th == NULL) {
 			TCP_STATINC(TCP_STAT_RCVSHORT);
 			return;
+		}
 		/* We do the checksum after PCB lookup... */
 		len = ntohs(ip->ip_len);
 		tlen = len - toff;
 		iptos = ip->ip_tos;
 		break;
 #endif
 #ifdef INET6
 	case 6:
 		ip = NULL;
 		iphlen = sizeof(struct ip6_hdr);
 		af = AF_INET6;
 		ip6 = mtod(m, struct ip6_hdr *);
 		IP6_EXTHDR_GET(th, struct tcphdr *, m, toff,
 			sizeof(struct tcphdr));
 		if (th == NULL) {
 			TCP_STATINC(TCP_STAT_RCVSHORT);
 			return;
+		}
 		/* Be proactive about malicious use of IPv4 mapped address */
 		if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
 		    IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
 			/* XXX stat */
 			goto drop;
+		}
 		/*
 		 * Be proactive about unspecified IPv6 address in source.
 		 * As we use all-zero to indicate unbounded/unconnected pcb,
 		 * unspecified IPv6 address can be used to confuse us.
+		 *
 		 * Note that packets with unspecified IPv6 destination is
 		 * already dropped in ip6_input.
 		 */
 		if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
 			/* XXX stat */
 			goto drop;
+		}
 		/*
 		 * Make sure destination address is not multicast.
 		 * Source address checked in ip6_input().
 		 */
 		if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
 			/* XXX stat */
 			goto drop;
+		}
 		/* We do the checksum after PCB lookup... */
 		len = m->m_pkthdr.len;
 		tlen = len - toff;
 		iptos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
 		break;
 #endif
 	default:
 		m_freem(m);
 		return;
+	}
 	KASSERT(TCP_HDR_ALIGNED_P(th));
 	/*
 	 * Check that TCP offset makes sense,
 	 * pull out TCP options and adjust length.		XXX
 	 */
 	off = th->th_off << 2;
 	if (off < sizeof (struct tcphdr) || off > tlen) {
 		TCP_STATINC(TCP_STAT_RCVBADOFF);
 		goto drop;
+	}
 	tlen -= off;
 	/*
 	 * tcp_input() has been modified to use tlen to mean the TCP data
 	 * length throughout the function.  Other functions can use
 	 * m->m_pkthdr.len as the basis for calculating the TCP data length.
 	 * rja
 	 */
 	if (off > sizeof (struct tcphdr)) {
 @@ -1442,1999 +1442,2002 @@ findpcb:
 						 */
 						m = NULL;
 					} else {
 						/*
 						 * We have created a
 						 * full-blown connection.
 						 */
 						tp = NULL;
 						inp = NULL;
 #ifdef INET6
 						in6p = NULL;
 #endif
 						switch (so->so_proto->pr_domain->dom_family) {
 #ifdef INET
 						case AF_INET:
 							inp = sotoinpcb(so);
 							tp = intotcpcb(inp);
 							break;
 #endif
 #ifdef INET6
 						case AF_INET6:
 							in6p = sotoin6pcb(so);
 							tp = in6totcpcb(in6p);
 							break;
 #endif
+						}
 						if (tp == NULL)
 							goto badsyn;	/*XXX*/
 						tiwin <<= tp->snd_scale;
 						goto after_listen;
+					}
 				} else {
 					/*
 					 * None of RST, SYN or ACK was set.
 					 * This is an invalid packet for a
 					 * TCB in LISTEN state.  Send a RST.
 					 */
 					goto badsyn;
+				}
 			} else {
 				/*
 				 * Received a SYN.
+				 *
 				 * RFC1122 4.2.3.10, p. 104: discard bcast/mcast SYN
 				 */
 				if (m->m_flags & (M_BCAST|M_MCAST))
 					goto drop;
 				switch (af) {
 #ifdef INET6
 				case AF_INET6:
 					if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst))
 						goto drop;
 					break;
 #endif /* INET6 */
 				case AF_INET:
 					if (IN_MULTICAST(ip->ip_dst.s_addr) ||
 					    in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif))
 						goto drop;
 				break;
+				}
 #ifdef INET6
 				/*
 				 * If deprecated address is forbidden, we do
 				 * not accept SYN to deprecated interface
 				 * address to prevent any new inbound
 				 * connection from getting established.
 				 * When we do not accept SYN, we send a TCP
 				 * RST, with deprecated source address (instead
 				 * of dropping it).  We compromise it as it is
 				 * much better for peer to send a RST, and
 				 * RST will be the final packet for the
 				 * exchange.
+				 *
 				 * If we do not forbid deprecated addresses, we
 				 * accept the SYN packet.  RFC2462 does not
 				 * suggest dropping SYN in this case.
 				 * If we decipher RFC2462 5.5.4, it says like
 				 * this:
 				 * 1. use of deprecated addr with existing
 				 *    communication is okay - "SHOULD continue
 				 *    to be used"
 				 * 2. use of it with new communication:
 				 *   (2a) "SHOULD NOT be used if alternate
 				 *        address with sufficient scope is
 				 *        available"
 				 *   (2b) nothing mentioned otherwise.
 				 * Here we fall into (2b) case as we have no
 				 * choice in our source address selection - we
 				 * must obey the peer.
+				 *
 				 * The wording in RFC2462 is confusing, and
 				 * there are multiple description text for
 				 * deprecated address handling - worse, they
 				 * are not exactly the same.  I believe 5.5.4
 				 * is the best one, so we follow 5.5.4.
 				 */
 				if (af == AF_INET6 && !ip6_use_deprecated) {
 					struct in6_ifaddr *ia6;
 					if ((ia6 = in6ifa_ifpwithaddr(m->m_pkthdr.rcvif,
 					    &ip6->ip6_dst)) &&
 					    (ia6->ia6_flags & IN6_IFF_DEPRECATED)) {
 						tp = NULL;
 						goto dropwithreset;
+					}
+				}
 #endif
 #if defined(IPSEC) || defined(FAST_IPSEC)
 				switch (af) {
 #ifdef INET
 				case AF_INET:
 					if (ipsec4_in_reject_so(m, so)) {
 						IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
 						tp = NULL;
 						goto dropwithreset;
+					}
 					break;
 #endif
 #ifdef INET6
 				case AF_INET6:
 					if (ipsec6_in_reject_so(m, so)) {
 						IPSEC6_STATINC(IPSEC_STAT_IN_POLVIO);
 						tp = NULL;
 						goto dropwithreset;
+					}
 					break;
 #endif /*INET6*/
+				}
 #endif /*IPSEC*/
 				/*
 				 * LISTEN socket received a SYN
 				 * from itself?  This can't possibly
 				 * be valid; drop the packet.
 				 */
 				if (th->th_sport == th->th_dport) {
 					int i;
 					switch (af) {
 #ifdef INET
 					case AF_INET:
 						i = in_hosteq(ip->ip_src, ip->ip_dst);
 						break;
 #endif
 #ifdef INET6
 					case AF_INET6:
 						i = IN6_ARE_ADDR_EQUAL(&ip6->ip6_src, &ip6->ip6_dst);
 						break;
 #endif
 					default:
 						i = 1;
+					}
 					if (i) {
 						TCP_STATINC(TCP_STAT_BADSYN);
 						goto drop;
+					}
+				}
 				/*
 				 * SYN looks ok; create compressed TCP
 				 * state for it.
 				 */
 				if (so->so_qlen <= so->so_qlimit &&
 				    syn_cache_add(&src.sa, &dst.sa, th, tlen,
 						so, m, optp, optlen, &opti))
 					m = NULL;
+			}
 			goto drop;
+		}
+	}
 after_listen:
 #ifdef DIAGNOSTIC
 	/*
 	 * Should not happen now that all embryonic connections
 	 * are handled with compressed state.
 	 */
 	if (tp->t_state == TCPS_LISTEN)
 		panic("tcp_input: TCPS_LISTEN");
 #endif
 	/*
 	 * Segment received on connection.
 	 * Reset idle time and keep-alive timer.
 	 */
 	tp->t_rcvtime = tcp_now;
 	if (TCPS_HAVEESTABLISHED(tp->t_state))
 		TCP_TIMER_ARM(tp, TCPT_KEEP, tp->t_keepidle);
 	/*
 	 * Process options.
 	 */
 #ifdef TCP_SIGNATURE
 	if (optp || (tp->t_flags & TF_SIGNATURE))
 #else
 	if (optp)
 #endif
 		if (tcp_dooptions(tp, optp, optlen, th, m, toff, &opti) < 0)
 			goto drop;
 	if (TCP_SACK_ENABLED(tp)) {
 		tcp_del_sackholes(tp, th);
+	}
 	if (TCP_ECN_ALLOWED(tp)) {
 		switch (iptos & IPTOS_ECN_MASK) {
 		case IPTOS_ECN_CE:
 			tp->t_flags |= TF_ECN_SND_ECE;
 			TCP_STATINC(TCP_STAT_ECN_CE);
 			break;
 		case IPTOS_ECN_ECT0:
 			TCP_STATINC(TCP_STAT_ECN_ECT);
 			break;
 		case IPTOS_ECN_ECT1:
 			/* XXX: ignore for now -- rpaulo */
 			break;
+		}
 		if (tiflags & TH_CWR)
 			tp->t_flags &= ~TF_ECN_SND_ECE;
 		/*
 		 * Congestion experienced.
 		 * Ignore if we are already trying to recover.
 		 */
 		if ((tiflags & TH_ECE) && SEQ_GEQ(tp->snd_una, tp->snd_recover))
 			tp->t_congctl->cong_exp(tp);
+	}
 	if (opti.ts_present && opti.ts_ecr) {
 		/*
 		 * Calculate the RTT from the returned time stamp and the
 		 * connection's time base.  If the time stamp is later than
 		 * the current time, or is extremely old, fall back to non-1323
 		 * RTT calculation.  Since ts_ecr is unsigned, we can test both
 		 * at the same time.
 		 */
 		ts_rtt = TCP_TIMESTAMP(tp) - opti.ts_ecr + 1;
 		if (ts_rtt > TCP_PAWS_IDLE)
 			ts_rtt = 0;
 	} else {
 		ts_rtt = 0;
+	}
 	/*
 	 * Header prediction: check for the two common cases
 	 * of a uni-directional data xfer.  If the packet has
 	 * no control flags, is in-sequence, the window didn't
 	 * change and we're not retransmitting, it's a
 	 * candidate.  If the length is zero and the ack moved
 	 * forward, we're the sender side of the xfer.  Just
 	 * free the data acked & wake any higher level process
 	 * that was blocked waiting for space.  If the length
 	 * is non-zero and the ack didn't move, we're the
 	 * receiver side.  If we're getting packets in-order
 	 * (the reassembly queue is empty), add the data to
 	 * the socket buffer and note that we need a delayed ack.
 	 */
 	if (tp->t_state == TCPS_ESTABLISHED &&
 	    (tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ECE|TH_CWR|TH_ACK))
 	        == TH_ACK &&
 	    (!opti.ts_present || TSTMP_GEQ(opti.ts_val, tp->ts_recent)) &&
 	    th->th_seq == tp->rcv_nxt &&
 	    tiwin && tiwin == tp->snd_wnd &&
 	    tp->snd_nxt == tp->snd_max) {
 		/*
 		 * If last ACK falls within this segment's sequence numbers,
 		 * record the timestamp.
 		 * NOTE that the test is modified according to the latest
 		 * proposal of the tcplw@cray.com list (Braden 1993/04/26).
+		 *
 		 * note that we already know
 		 *	TSTMP_GEQ(opti.ts_val, tp->ts_recent)
 		 */
 		if (opti.ts_present &&
 		    SEQ_LEQ(th->th_seq, tp->last_ack_sent)) {
 			tp->ts_recent_age = tcp_now;
 			tp->ts_recent = opti.ts_val;
+		}
 		if (tlen == 0) {
 			/* Ack prediction. */
 			if (SEQ_GT(th->th_ack, tp->snd_una) &&
 			    SEQ_LEQ(th->th_ack, tp->snd_max) &&
 			    tp->snd_cwnd >= tp->snd_wnd &&
 			    tp->t_partialacks < 0) {
 				/*
 				 * this is a pure ack for outstanding data.
 				 */
 				if (ts_rtt)
 					tcp_xmit_timer(tp, ts_rtt);
 				else if (tp->t_rtttime &&
 				    SEQ_GT(th->th_ack, tp->t_rtseq))
 					tcp_xmit_timer(tp,
 					  tcp_now - tp->t_rtttime);
 				acked = th->th_ack - tp->snd_una;
 				tcps = TCP_STAT_GETREF();
 				tcps[TCP_STAT_PREDACK]++;
 				tcps[TCP_STAT_RCVACKPACK]++;
 				tcps[TCP_STAT_RCVACKBYTE] += acked;
 				TCP_STAT_PUTREF();
 				nd6_hint(tp);
 				if (acked > (tp->t_lastoff - tp->t_inoff))
 					tp->t_lastm = NULL;
 				sbdrop(&so->so_snd, acked);
 				tp->t_lastoff -= acked;
 				icmp_check(tp, th, acked);
 				tp->snd_una = th->th_ack;
 				tp->snd_fack = tp->snd_una;
 				if (SEQ_LT(tp->snd_high, tp->snd_una))
 					tp->snd_high = tp->snd_una;
 				m_freem(m);
 				/*
 				 * If all outstanding data are acked, stop
 				 * retransmit timer, otherwise restart timer
 				 * using current (possibly backed-off) value.
 				 * If process is waiting for space,
 				 * wakeup/selnotify/signal.  If data
 				 * are ready to send, let tcp_output
 				 * decide between more output or persist.
 				 */
 				if (tp->snd_una == tp->snd_max)
 					TCP_TIMER_DISARM(tp, TCPT_REXMT);
 				else if (TCP_TIMER_ISARMED(tp,
 				    TCPT_PERSIST) == 0)
 					TCP_TIMER_ARM(tp, TCPT_REXMT,
 					    tp->t_rxtcur);
 				sowwakeup(so);
 				if (so->so_snd.sb_cc)
 					(void) tcp_output(tp);
 				if (tcp_saveti)
 					m_freem(tcp_saveti);
 				return;
+			}
 		} else if (th->th_ack == tp->snd_una &&
 		    TAILQ_FIRST(&tp->segq) == NULL &&
 		    tlen <= sbspace(&so->so_rcv)) {
 			int newsize = 0;	/* automatic sockbuf scaling */
 			/*
 			 * this is a pure, in-sequence data packet
 			 * with nothing on the reassembly queue and
 			 * we have enough buffer space to take it.
 			 */
 			tp->rcv_nxt += tlen;
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_PREDDAT]++;
 			tcps[TCP_STAT_RCVPACK]++;
 			tcps[TCP_STAT_RCVBYTE] += tlen;
 			TCP_STAT_PUTREF();
 			nd6_hint(tp);
 		/*
 		 * Automatic sizing enables the performance of large buffers
 		 * and most of the efficiency of small ones by only allocating
 		 * space when it is needed.
+		 *
 		 * On the receive side the socket buffer memory is only rarely
 		 * used to any significant extent.  This allows us to be much
 		 * more aggressive in scaling the receive socket buffer.  For
 		 * the case that the buffer space is actually used to a large
 		 * extent and we run out of kernel memory we can simply drop
 		 * the new segments; TCP on the sender will just retransmit it
 		 * later.  Setting the buffer size too big may only consume too
 		 * much kernel memory if the application doesn't read() from
 		 * the socket or packet loss or reordering makes use of the
 		 * reassembly queue.
+		 *
 		 * The criteria to step up the receive buffer one notch are:
 		 *  1. the number of bytes received during the time it takes
 		 *     one timestamp to be reflected back to us (the RTT);
 		 *  2. received bytes per RTT is within seven eighth of the
 		 *     current socket buffer size;
 		 *  3. receive buffer size has not hit maximal automatic size;
+		 *
 		 * This algorithm does one step per RTT at most and only if
 		 * we receive a bulk stream w/o packet losses or reorderings.
 		 * Shrinking the buffer during idle times is not necessary as
 		 * it doesn't consume any memory when idle.
+		 *
 		 * TODO: Only step up if the application is actually serving
 		 * the buffer to better manage the socket buffer resources.
 		 */
 			if (tcp_do_autorcvbuf &&
 			    opti.ts_ecr &&
 			    (so->so_rcv.sb_flags & SB_AUTOSIZE)) {
 				if (opti.ts_ecr > tp->rfbuf_ts &&
 				    opti.ts_ecr - tp->rfbuf_ts < PR_SLOWHZ) {
 					if (tp->rfbuf_cnt >
 					    (so->so_rcv.sb_hiwat / 8 * 7) &&
 					    so->so_rcv.sb_hiwat <
 					    tcp_autorcvbuf_max) {
 						newsize =
 						    min(so->so_rcv.sb_hiwat +
 						    tcp_autorcvbuf_inc,
 						    tcp_autorcvbuf_max);
+					}
 					/* Start over with next RTT. */
 					tp->rfbuf_ts = 0;
 					tp->rfbuf_cnt = 0;
 				} else
 					tp->rfbuf_cnt += tlen;	/* add up */
+			}
 			/*
 			 * Drop TCP, IP headers and TCP options then add data
 			 * to socket buffer.
 			 */
 			if (so->so_state & SS_CANTRCVMORE)
 				m_freem(m);
 			else {
 				/*
 				 * Set new socket buffer size.
 				 * Give up when limit is reached.
 				 */
 				if (newsize)
 					if (!sbreserve(&so->so_rcv,
 					    newsize, so))
 						so->so_rcv.sb_flags &= ~SB_AUTOSIZE;
 				m_adj(m, toff + off);
 				sbappendstream(&so->so_rcv, m);
+			}
 			sorwakeup(so);
 			tcp_setup_ack(tp, th);
 			if (tp->t_flags & TF_ACKNOW)
 				(void) tcp_output(tp);
 			if (tcp_saveti)
 				m_freem(tcp_saveti);
 			return;
+		}
+	}
 	/*
 	 * Compute mbuf offset to TCP data segment.
 	 */
 	hdroptlen = toff + off;
 	/*
 	 * Calculate amount of space in receive window,
 	 * and then do TCP input processing.
 	 * Receive window is amount of space in rcv queue,
 	 * but not less than advertised window.
 	 */
 	{ int win;
 	win = sbspace(&so->so_rcv);
 	if (win < 0)
 		win = 0;
 	tp->rcv_wnd = imax(win, (int)(tp->rcv_adv - tp->rcv_nxt));
+	}
 	/* Reset receive buffer auto scaling when not in bulk receive mode. */
 	tp->rfbuf_ts = 0;
 	tp->rfbuf_cnt = 0;
 	switch (tp->t_state) {
 	/*
 	 * If the state is SYN_SENT:
 	 *	if seg contains an ACK, but not for our SYN, drop the input.
 	 *	if seg contains a RST, then drop the connection.
 	 *	if seg does not contain SYN, then drop it.
 	 * Otherwise this is an acceptable SYN segment
 	 *	initialize tp->rcv_nxt and tp->irs
 	 *	if seg contains ack then advance tp->snd_una
 	 *	if seg contains a ECE and ECN support is enabled, the stream
 	 *	    is ECN capable.
 	 *	if SYN has been acked change to ESTABLISHED else SYN_RCVD state
 	 *	arrange for segment to be acked (eventually)
 	 *	continue processing rest of data/controls, beginning with URG
 	 */
 	case TCPS_SYN_SENT:
 		if ((tiflags & TH_ACK) &&
 		    (SEQ_LEQ(th->th_ack, tp->iss) ||
 		     SEQ_GT(th->th_ack, tp->snd_max)))
 			goto dropwithreset;
 		if (tiflags & TH_RST) {
 			if (tiflags & TH_ACK)
 				tp = tcp_drop(tp, ECONNREFUSED);
 			goto drop;
+		}
 		if ((tiflags & TH_SYN) == 0)
 			goto drop;
 		if (tiflags & TH_ACK) {
 			tp->snd_una = th->th_ack;
 			if (SEQ_LT(tp->snd_nxt, tp->snd_una))
 				tp->snd_nxt = tp->snd_una;
 			if (SEQ_LT(tp->snd_high, tp->snd_una))
 				tp->snd_high = tp->snd_una;
 			TCP_TIMER_DISARM(tp, TCPT_REXMT);
 			if ((tiflags & TH_ECE) && tcp_do_ecn) {
 				tp->t_flags |= TF_ECN_PERMIT;
 				TCP_STATINC(TCP_STAT_ECN_SHS);
+			}
+		}
 		tp->irs = th->th_seq;
 		tcp_rcvseqinit(tp);
 		tp->t_flags |= TF_ACKNOW;
 		tcp_mss_from_peer(tp, opti.maxseg);
 		/*
 		 * Initialize the initial congestion window.  If we
 		 * had to retransmit the SYN, we must initialize cwnd
 		 * to 1 segment (i.e. the Loss Window).
 		 */
 		if (tp->t_flags & TF_SYN_REXMT)
 			tp->snd_cwnd = tp->t_peermss;
 		else {
 			int ss = tcp_init_win;
 #ifdef INET
 			if (inp != NULL && in_localaddr(inp->inp_faddr))
 				ss = tcp_init_win_local;
 #endif
 #ifdef INET6
 			if (in6p != NULL && in6_localaddr(&in6p->in6p_faddr))
 				ss = tcp_init_win_local;
 #endif
 			tp->snd_cwnd = TCP_INITIAL_WINDOW(ss, tp->t_peermss);
+		}
 		tcp_rmx_rtt(tp);
 		if (tiflags & TH_ACK) {
 			TCP_STATINC(TCP_STAT_CONNECTS);
 			soisconnected(so);
 			tcp_established(tp);
 			/* Do window scaling on this connection? */
 			if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) ==
 			    (TF_RCVD_SCALE|TF_REQ_SCALE)) {
 				tp->snd_scale = tp->requested_s_scale;
 				tp->rcv_scale = tp->request_r_scale;
+			}
 			TCP_REASS_LOCK(tp);
 			(void) tcp_reass(tp, NULL, (struct mbuf *)0, &tlen);
 			TCP_REASS_UNLOCK(tp);
 			/*
 			 * if we didn't have to retransmit the SYN,
 			 * use its rtt as our initial srtt & rtt var.
 			 */
 			if (tp->t_rtttime)
 				tcp_xmit_timer(tp, tcp_now - tp->t_rtttime);
 		} else
 			tp->t_state = TCPS_SYN_RECEIVED;
 		/*
 		 * Advance th->th_seq to correspond to first data byte.
 		 * If data, trim to stay within window,
 		 * dropping FIN if necessary.
 		 */
 		th->th_seq++;
 		if (tlen > tp->rcv_wnd) {
 			todrop = tlen - tp->rcv_wnd;
 			m_adj(m, -todrop);
 			tlen = tp->rcv_wnd;
 			tiflags &= ~TH_FIN;
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_RCVPACKAFTERWIN]++;
 			tcps[TCP_STAT_RCVBYTEAFTERWIN] += todrop;
 			TCP_STAT_PUTREF();
+		}
 		tp->snd_wl1 = th->th_seq - 1;
 		tp->rcv_up = th->th_seq;
 		goto step6;
 	/*
 	 * If the state is SYN_RECEIVED:
 	 *	If seg contains an ACK, but not for our SYN, drop the input
 	 *	and generate an RST.  See page 36, rfc793
 	 */
 	case TCPS_SYN_RECEIVED:
 		if ((tiflags & TH_ACK) &&
 		    (SEQ_LEQ(th->th_ack, tp->iss) ||
 		     SEQ_GT(th->th_ack, tp->snd_max)))
 			goto dropwithreset;
 		break;
+	}
 	/*
 	 * States other than LISTEN or SYN_SENT.
 	 * First check timestamp, if present.
 	 * Then check that at least some bytes of segment are within
 	 * receive window.  If segment begins before rcv_nxt,
 	 * drop leading data (and SYN); if nothing left, just ack.
+	 *
 	 * RFC 1323 PAWS: If we have a timestamp reply on this segment
 	 * and it's less than ts_recent, drop it.
 	 */
 	if (opti.ts_present && (tiflags & TH_RST) == 0 && tp->ts_recent &&
 	    TSTMP_LT(opti.ts_val, tp->ts_recent)) {
 		/* Check to see if ts_recent is over 24 days old.  */
 		if (tcp_now - tp->ts_recent_age > TCP_PAWS_IDLE) {
 			/*
 			 * Invalidate ts_recent.  If this segment updates
 			 * ts_recent, the age will be reset later and ts_recent
 			 * will get a valid value.  If it does not, setting
 			 * ts_recent to zero will at least satisfy the
 			 * requirement that zero be placed in the timestamp
 			 * echo reply when ts_recent isn't valid.  The
 			 * age isn't reset until we get a valid ts_recent
 			 * because we don't want out-of-order segments to be
 			 * dropped when ts_recent is old.
 			 */
 			tp->ts_recent = 0;
 		} else {
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_RCVDUPPACK]++;
 			tcps[TCP_STAT_RCVDUPBYTE] += tlen;
 			tcps[TCP_STAT_PAWSDROP]++;
 			TCP_STAT_PUTREF();
 			tcp_new_dsack(tp, th->th_seq, tlen);
 			goto dropafterack;
+		}
+	}
 	todrop = tp->rcv_nxt - th->th_seq;
 	dupseg = false;
 	if (todrop > 0) {
 		if (tiflags & TH_SYN) {
 			tiflags &= ~TH_SYN;
 			th->th_seq++;
 			if (th->th_urp > 1)
 				th->th_urp--;
 			else {
 				tiflags &= ~TH_URG;
 				th->th_urp = 0;
+			}
 			todrop--;
+		}
 		if (todrop > tlen ||
 		    (todrop == tlen && (tiflags & TH_FIN) == 0)) {
 			/*
 			 * Any valid FIN or RST must be to the left of the
 			 * window.  At this point the FIN or RST must be a
 			 * duplicate or out of sequence; drop it.
 			 */
 			if (tiflags & TH_RST)
 				goto drop;
 			tiflags &= ~(TH_FIN|TH_RST);
 			/*
 			 * Send an ACK to resynchronize and drop any data.
 			 * But keep on processing for RST or ACK.
 			 */
 			tp->t_flags |= TF_ACKNOW;
 			todrop = tlen;
 			dupseg = true;
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_RCVDUPPACK]++;
 			tcps[TCP_STAT_RCVDUPBYTE] += todrop;
 			TCP_STAT_PUTREF();
 		} else if ((tiflags & TH_RST) &&
 			   th->th_seq != tp->rcv_nxt) {
 			/*
 			 * Test for reset before adjusting the sequence
 			 * number for overlapping data.
 			 */
 			goto dropafterack_ratelim;
 		} else {
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_RCVPARTDUPPACK]++;
 			tcps[TCP_STAT_RCVPARTDUPBYTE] += todrop;
 			TCP_STAT_PUTREF();
+		}
 		tcp_new_dsack(tp, th->th_seq, todrop);
 		hdroptlen += todrop;	/*drop from head afterwards*/
 		th->th_seq += todrop;
 		tlen -= todrop;
 		if (th->th_urp > todrop)
 			th->th_urp -= todrop;
 		else {
 			tiflags &= ~TH_URG;
 			th->th_urp = 0;
+		}
+	}
 	/*
 	 * If new data are received on a connection after the
 	 * user processes are gone, then RST the other end.
 	 */
 	if ((so->so_state & SS_NOFDREF) &&
 	    tp->t_state > TCPS_CLOSE_WAIT && tlen) {
 		tp = tcp_close(tp);
 		TCP_STATINC(TCP_STAT_RCVAFTERCLOSE);
 		goto dropwithreset;
+	}
 	/*
 	 * If segment ends after window, drop trailing data
 	 * (and PUSH and FIN); if nothing left, just ACK.
 	 */
 	todrop = (th->th_seq + tlen) - (tp->rcv_nxt+tp->rcv_wnd);
 	if (todrop > 0) {
 		TCP_STATINC(TCP_STAT_RCVPACKAFTERWIN);
 		if (todrop >= tlen) {
 			/*
 			 * The segment actually starts after the window.
 			 * th->th_seq + tlen - tp->rcv_nxt - tp->rcv_wnd >= tlen
 			 * th->th_seq - tp->rcv_nxt - tp->rcv_wnd >= 0
 			 * th->th_seq >= tp->rcv_nxt + tp->rcv_wnd
 			 */
 			TCP_STATADD(TCP_STAT_RCVBYTEAFTERWIN, tlen);
 			/*
 			 * If a new connection request is received
 			 * while in TIME_WAIT, drop the old connection
 			 * and start over if the sequence numbers
 			 * are above the previous ones.
+			 *
 			 * NOTE: We will checksum the packet again, and
 			 * so we need to put the header fields back into
 			 * network order!
 			 * XXX This kind of sucks, but we don't expect
 			 * XXX this to happen very often, so maybe it
 			 * XXX doesn't matter so much.
 			 */
 			if (tiflags & TH_SYN &&
 			    tp->t_state == TCPS_TIME_WAIT &&
 			    SEQ_GT(th->th_seq, tp->rcv_nxt)) {
 				tp = tcp_close(tp);
 				tcp_fields_to_net(th);
 				goto findpcb;
+			}
 			/*
 			 * If window is closed can only take segments at
 			 * window edge, and have to drop data and PUSH from
 			 * incoming segments.  Continue processing, but
 			 * remember to ack.  Otherwise, drop segment
 			 * and (if not RST) ack.
 			 */
 			if (tp->rcv_wnd == 0 && th->th_seq == tp->rcv_nxt) {
 				tp->t_flags |= TF_ACKNOW;
 				TCP_STATINC(TCP_STAT_RCVWINPROBE);
 			} else
 				goto dropafterack;
 		} else
 			TCP_STATADD(TCP_STAT_RCVBYTEAFTERWIN, todrop);
 		m_adj(m, -todrop);
 		tlen -= todrop;
 		tiflags &= ~(TH_PUSH|TH_FIN);
+	}
 	/*
 	 * If last ACK falls within this segment's sequence numbers,
 	 *  record the timestamp.
 	 * NOTE:
 	 * 1) That the test incorporates suggestions from the latest
 	 *    proposal of the tcplw@cray.com list (Braden 1993/04/26).
 	 * 2) That updating only on newer timestamps interferes with
 	 *    our earlier PAWS tests, so this check should be solely
 	 *    predicated on the sequence space of this segment.
 	 * 3) That we modify the segment boundary check to be
 	 *        Last.ACK.Sent <= SEG.SEQ + SEG.Len
 	 *    instead of RFC1323's
 	 *        Last.ACK.Sent < SEG.SEQ + SEG.Len,
 	 *    This modified check allows us to overcome RFC1323's
 	 *    limitations as described in Stevens TCP/IP Illustrated
 	 *    Vol. 2 p.869. In such cases, we can still calculate the
 	 *    RTT correctly when RCV.NXT == Last.ACK.Sent.
 	 */
 	if (opti.ts_present &&
 	    SEQ_LEQ(th->th_seq, tp->last_ack_sent) &&
 	    SEQ_LEQ(tp->last_ack_sent, th->th_seq + tlen +
 		    ((tiflags & (TH_SYN|TH_FIN)) != 0))) {
 		tp->ts_recent_age = tcp_now;
 		tp->ts_recent = opti.ts_val;
+	}
 	/*
 	 * If the RST bit is set examine the state:
 	 *    SYN_RECEIVED STATE:
 	 *	If passive open, return to LISTEN state.
 	 *	If active open, inform user that connection was refused.
 	 *    ESTABLISHED, FIN_WAIT_1, FIN_WAIT2, CLOSE_WAIT STATES:
 	 *	Inform user that connection was reset, and close tcb.
 	 *    CLOSING, LAST_ACK, TIME_WAIT STATES
 	 *	Close the tcb.
 	 */
 	if (tiflags & TH_RST) {
 		if (th->th_seq != tp->rcv_nxt)
 			goto dropafterack_ratelim;
 		switch (tp->t_state) {
 		case TCPS_SYN_RECEIVED:
 			so->so_error = ECONNREFUSED;
 			goto close;
 		case TCPS_ESTABLISHED:
 		case TCPS_FIN_WAIT_1:
 		case TCPS_FIN_WAIT_2:
 		case TCPS_CLOSE_WAIT:
 			so->so_error = ECONNRESET;
 		close:
 			tp->t_state = TCPS_CLOSED;
 			TCP_STATINC(TCP_STAT_DROPS);
 			tp = tcp_close(tp);
 			goto drop;
 		case TCPS_CLOSING:
 		case TCPS_LAST_ACK:
 		case TCPS_TIME_WAIT:
 			tp = tcp_close(tp);
 			goto drop;
+		}
+	}
 	/*
 	 * Since we've covered the SYN-SENT and SYN-RECEIVED states above
 	 * we must be in a synchronized state.  RFC791 states (under RST
 	 * generation) that any unacceptable segment (an out-of-order SYN
 	 * qualifies) received in a synchronized state must elicit only an
 	 * empty acknowledgment segment ... and the connection remains in
 	 * the same state.
 	 */
 	if (tiflags & TH_SYN) {
 		if (tp->rcv_nxt == th->th_seq) {
 			tcp_respond(tp, m, m, th, (tcp_seq)0, th->th_ack - 1,
 			    TH_ACK);
 			if (tcp_saveti)
 				m_freem(tcp_saveti);
 			return;
+		}
 		goto dropafterack_ratelim;
+	}
 	/*
 	 * If the ACK bit is off we drop the segment and return.
 	 */
 	if ((tiflags & TH_ACK) == 0) {
 		if (tp->t_flags & TF_ACKNOW)
 			goto dropafterack;
 		else
 			goto drop;
+	}
 	/*
 	 * Ack processing.
 	 */
 	switch (tp->t_state) {
 	/*
 	 * In SYN_RECEIVED state if the ack ACKs our SYN then enter
 	 * ESTABLISHED state and continue processing, otherwise
 	 * send an RST.
 	 */
 	case TCPS_SYN_RECEIVED:
 		if (SEQ_GT(tp->snd_una, th->th_ack) ||
 		    SEQ_GT(th->th_ack, tp->snd_max))
 			goto dropwithreset;
 		TCP_STATINC(TCP_STAT_CONNECTS);
 		soisconnected(so);
 		tcp_established(tp);
 		/* Do window scaling? */
 		if ((tp->t_flags & (TF_RCVD_SCALE|TF_REQ_SCALE)) ==
 		    (TF_RCVD_SCALE|TF_REQ_SCALE)) {
 			tp->snd_scale = tp->requested_s_scale;
 			tp->rcv_scale = tp->request_r_scale;
+		}
 		TCP_REASS_LOCK(tp);
 		(void) tcp_reass(tp, NULL, (struct mbuf *)0, &tlen);
 		TCP_REASS_UNLOCK(tp);
 		tp->snd_wl1 = th->th_seq - 1;
 		/* fall into ... */
 	/*
 	 * In ESTABLISHED state: drop duplicate ACKs; ACK out of range
 	 * ACKs.  If the ack is in the range
 	 *	tp->snd_una < th->th_ack <= tp->snd_max
 	 * then advance tp->snd_una to th->th_ack and drop
 	 * data from the retransmission queue.  If this ACK reflects
 	 * more up to date window information we update our window information.
 	 */
 	case TCPS_ESTABLISHED:
 	case TCPS_FIN_WAIT_1:
 	case TCPS_FIN_WAIT_2:
 	case TCPS_CLOSE_WAIT:
 	case TCPS_CLOSING:
 	case TCPS_LAST_ACK:
 	case TCPS_TIME_WAIT:
 		if (SEQ_LEQ(th->th_ack, tp->snd_una)) {
 			if (tlen == 0 && !dupseg && tiwin == tp->snd_wnd) {
 				TCP_STATINC(TCP_STAT_RCVDUPPACK);
 				/*
 				 * If we have outstanding data (other than
 				 * a window probe), this is a completely
 				 * duplicate ack (ie, window info didn't
 				 * change), the ack is the biggest we've
 				 * seen and we've seen exactly our rexmt
 				 * threshhold of them, assume a packet
 				 * has been dropped and retransmit it.
 				 * Kludge snd_nxt & the congestion
 				 * window so we send only this one
 				 * packet.
 				 */
 				if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 ||
 				    th->th_ack != tp->snd_una)
 					tp->t_dupacks = 0;
 				else if (tp->t_partialacks < 0 &&
 					 (++tp->t_dupacks == tcprexmtthresh ||
 					 TCP_FACK_FASTRECOV(tp))) {
 					/*
 					 * Do the fast retransmit, and adjust
 					 * congestion control paramenters.
 					 */
 					if (tp->t_congctl->fast_retransmit(tp, th)) {
 						/* False fast retransmit */
 						break;
 					} else
 						goto drop;
 				} else if (tp->t_dupacks > tcprexmtthresh) {
 					tp->snd_cwnd += tp->t_segsz;
 					(void) tcp_output(tp);
 					goto drop;
+				}
 			} else {
 				/*
 				 * If the ack appears to be very old, only
 				 * allow data that is in-sequence.  This
 				 * makes it somewhat more difficult to insert
 				 * forged data by guessing sequence numbers.
 				 * Sent an ack to try to update the send
 				 * sequence number on the other side.
 				 */
 				if (tlen && th->th_seq != tp->rcv_nxt &&
 				    SEQ_LT(th->th_ack,
 				    tp->snd_una - tp->max_sndwnd))
 					goto dropafterack;
+			}
 			break;
+		}
 		/*
 		 * If the congestion window was inflated to account
 		 * for the other side's cached packets, retract it.
 		 */
 		/* XXX: make SACK have his own congestion control
 		 * struct -- rpaulo */
 		if (TCP_SACK_ENABLED(tp))
 			tcp_sack_newack(tp, th);
 		else
 			tp->t_congctl->fast_retransmit_newack(tp, th);
 		if (SEQ_GT(th->th_ack, tp->snd_max)) {
 			TCP_STATINC(TCP_STAT_RCVACKTOOMUCH);
 			goto dropafterack;
+		}
 		acked = th->th_ack - tp->snd_una;
 		tcps = TCP_STAT_GETREF();
 		tcps[TCP_STAT_RCVACKPACK]++;
 		tcps[TCP_STAT_RCVACKBYTE] += acked;
 		TCP_STAT_PUTREF();
 		/*
 		 * If we have a timestamp reply, update smoothed
 		 * round trip time.  If no timestamp is present but
 		 * transmit timer is running and timed sequence
 		 * number was acked, update smoothed round trip time.
 		 * Since we now have an rtt measurement, cancel the
 		 * timer backoff (cf., Phil Karn's retransmit alg.).
 		 * Recompute the initial retransmit timer.
 		 */
 		if (ts_rtt)
 			tcp_xmit_timer(tp, ts_rtt);
 		else if (tp->t_rtttime && SEQ_GT(th->th_ack, tp->t_rtseq))
 			tcp_xmit_timer(tp, tcp_now - tp->t_rtttime);
 		/*
 		 * If all outstanding data is acked, stop retransmit
 		 * timer and remember to restart (more output or persist).
 		 * If there is more data to be acked, restart retransmit
 		 * timer, using current (possibly backed-off) value.
 		 */
 		if (th->th_ack == tp->snd_max) {
 			TCP_TIMER_DISARM(tp, TCPT_REXMT);
 			needoutput = 1;
 		} else if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0)
 			TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur);
 		/*
 		 * New data has been acked, adjust the congestion window.
 		 */
 		tp->t_congctl->newack(tp, th);
 		nd6_hint(tp);
 		if (acked > so->so_snd.sb_cc) {
 			tp->snd_wnd -= so->so_snd.sb_cc;
 			sbdrop(&so->so_snd, (int)so->so_snd.sb_cc);
 			ourfinisacked = 1;
 		} else {
 			if (acked > (tp->t_lastoff - tp->t_inoff))
 				tp->t_lastm = NULL;
 			sbdrop(&so->so_snd, acked);
 			tp->t_lastoff -= acked;
-			tp->snd_wnd -= acked;
+			if (tp->snd_wnd > acked)
 				tp->snd_wnd -= acked;
 			else
 				tp->snd_wnd = 0;
 			ourfinisacked = 0;
+		}
 		sowwakeup(so);
 		icmp_check(tp, th, acked);
 		tp->snd_una = th->th_ack;
 		if (SEQ_GT(tp->snd_una, tp->snd_fack))
 			tp->snd_fack = tp->snd_una;
 		if (SEQ_LT(tp->snd_nxt, tp->snd_una))
 			tp->snd_nxt = tp->snd_una;
 		if (SEQ_LT(tp->snd_high, tp->snd_una))
 			tp->snd_high = tp->snd_una;
 		switch (tp->t_state) {
 		/*
 		 * In FIN_WAIT_1 STATE in addition to the processing
 		 * for the ESTABLISHED state if our FIN is now acknowledged
 		 * then enter FIN_WAIT_2.
 		 */
 		case TCPS_FIN_WAIT_1:
 			if (ourfinisacked) {
 				/*
 				 * If we can't receive any more
 				 * data, then closing user can proceed.
 				 * Starting the timer is contrary to the
 				 * specification, but if we don't get a FIN
 				 * we'll hang forever.
 				 */
 				if (so->so_state & SS_CANTRCVMORE) {
 					soisdisconnected(so);
 					if (tp->t_maxidle > 0)
 						TCP_TIMER_ARM(tp, TCPT_2MSL,
 						    tp->t_maxidle);
+				}
 				tp->t_state = TCPS_FIN_WAIT_2;
+			}
 			break;
 	 	/*
 		 * In CLOSING STATE in addition to the processing for
 		 * the ESTABLISHED state if the ACK acknowledges our FIN
 		 * then enter the TIME-WAIT state, otherwise ignore
 		 * the segment.
 		 */
 		case TCPS_CLOSING:
 			if (ourfinisacked) {
 				tp->t_state = TCPS_TIME_WAIT;
 				tcp_canceltimers(tp);
 				TCP_TIMER_ARM(tp, TCPT_2MSL,
 * PR_SLOWHZ * tcp_msl);
 				soisdisconnected(so);
+			}
 			break;
 		/*
 		 * In LAST_ACK, we may still be waiting for data to drain
 		 * and/or to be acked, as well as for the ack of our FIN.
 		 * If our FIN is now acknowledged, delete the TCB,
 		 * enter the closed state and return.
 		 */
 		case TCPS_LAST_ACK:
 			if (ourfinisacked) {
 				tp = tcp_close(tp);
 				goto drop;
+			}
 			break;
 		/*
 		 * In TIME_WAIT state the only thing that should arrive
 		 * is a retransmission of the remote FIN.  Acknowledge
 		 * it and restart the finack timer.
 		 */
 		case TCPS_TIME_WAIT:
 			TCP_TIMER_ARM(tp, TCPT_2MSL, 2 * PR_SLOWHZ * tcp_msl);
 			goto dropafterack;
+		}
+	}
 step6:
 	/*
 	 * Update window information.
 	 * Don't look at window if no ACK: TAC's send garbage on first SYN.
 	 */
 	if ((tiflags & TH_ACK) && (SEQ_LT(tp->snd_wl1, th->th_seq) ||
 	    (tp->snd_wl1 == th->th_seq && (SEQ_LT(tp->snd_wl2, th->th_ack) ||
 	    (tp->snd_wl2 == th->th_ack && tiwin > tp->snd_wnd))))) {
 		/* keep track of pure window updates */
 		if (tlen == 0 &&
 		    tp->snd_wl2 == th->th_ack && tiwin > tp->snd_wnd)
 			TCP_STATINC(TCP_STAT_RCVWINUPD);
 		tp->snd_wnd = tiwin;
 		tp->snd_wl1 = th->th_seq;
 		tp->snd_wl2 = th->th_ack;
 		if (tp->snd_wnd > tp->max_sndwnd)
 			tp->max_sndwnd = tp->snd_wnd;
 		needoutput = 1;
+	}
 	/*
 	 * Process segments with URG.
 	 */
 	if ((tiflags & TH_URG) && th->th_urp &&
 	    TCPS_HAVERCVDFIN(tp->t_state) == 0) {
 		/*
 		 * This is a kludge, but if we receive and accept
 		 * random urgent pointers, we'll crash in
 		 * soreceive.  It's hard to imagine someone
 		 * actually wanting to send this much urgent data.
 		 */
 		if (th->th_urp + so->so_rcv.sb_cc > sb_max) {
 			th->th_urp = 0;			/* XXX */
 			tiflags &= ~TH_URG;		/* XXX */
 			goto dodata;			/* XXX */
+		}
 		/*
 		 * If this segment advances the known urgent pointer,
 		 * then mark the data stream.  This should not happen
 		 * in CLOSE_WAIT, CLOSING, LAST_ACK or TIME_WAIT STATES since
 		 * a FIN has been received from the remote side.
 		 * In these states we ignore the URG.
+		 *
 		 * According to RFC961 (Assigned Protocols),
 		 * the urgent pointer points to the last octet
 		 * of urgent data.  We continue, however,
 		 * to consider it to indicate the first octet
 		 * of data past the urgent section as the original
 		 * spec states (in one of two places).
 		 */
 		if (SEQ_GT(th->th_seq+th->th_urp, tp->rcv_up)) {
 			tp->rcv_up = th->th_seq + th->th_urp;
 			so->so_oobmark = so->so_rcv.sb_cc +
 			    (tp->rcv_up - tp->rcv_nxt) - 1;
 			if (so->so_oobmark == 0)
 				so->so_state |= SS_RCVATMARK;
 			sohasoutofband(so);
 			tp->t_oobflags &= ~(TCPOOB_HAVEDATA | TCPOOB_HADDATA);
+		}
 		/*
 		 * Remove out of band data so doesn't get presented to user.
 		 * This can happen independent of advancing the URG pointer,
 		 * but if two URG's are pending at once, some out-of-band
 		 * data may creep in... ick.
 		 */
 		if (th->th_urp <= (u_int16_t) tlen
 #ifdef SO_OOBINLINE
 		     && (so->so_options & SO_OOBINLINE) == 0
 #endif
+		     )
 			tcp_pulloutofband(so, th, m, hdroptlen);
 	} else
 		/*
 		 * If no out of band data is expected,
 		 * pull receive urgent pointer along
 		 * with the receive window.
 		 */
 		if (SEQ_GT(tp->rcv_nxt, tp->rcv_up))
 			tp->rcv_up = tp->rcv_nxt;
 dodata:							/* XXX */
 	/*
 	 * Process the segment text, merging it into the TCP sequencing queue,
 	 * and arranging for acknowledgement of receipt if necessary.
 	 * This process logically involves adjusting tp->rcv_wnd as data
 	 * is presented to the user (this happens in tcp_usrreq.c,
 	 * case PRU_RCVD).  If a FIN has already been received on this
 	 * connection then we just ignore the text.
 	 */
 	if ((tlen || (tiflags & TH_FIN)) &&
 	    TCPS_HAVERCVDFIN(tp->t_state) == 0) {
 		/*
 		 * Insert segment ti into reassembly queue of tcp with
 		 * control block tp.  Return TH_FIN if reassembly now includes
 		 * a segment with FIN.  The macro form does the common case
 		 * inline (segment is the next to be received on an
 		 * established connection, and the queue is empty),
 		 * avoiding linkage into and removal from the queue and
 		 * repetition of various conversions.
 		 * Set DELACK for segments received in order, but ack
 		 * immediately when segments are out of order
 		 * (so fast retransmit can work).
 		 */
 		/* NOTE: this was TCP_REASS() macro, but used only once */
 		TCP_REASS_LOCK(tp);
 		if (th->th_seq == tp->rcv_nxt &&
 		    TAILQ_FIRST(&tp->segq) == NULL &&
 		    tp->t_state == TCPS_ESTABLISHED) {
 			tcp_setup_ack(tp, th);
 			tp->rcv_nxt += tlen;
 			tiflags = th->th_flags & TH_FIN;
 			tcps = TCP_STAT_GETREF();
 			tcps[TCP_STAT_RCVPACK]++;
 			tcps[TCP_STAT_RCVBYTE] += tlen;
 			TCP_STAT_PUTREF();
 			nd6_hint(tp);
 			if (so->so_state & SS_CANTRCVMORE)
 				m_freem(m);
 			else {
 				m_adj(m, hdroptlen);
 				sbappendstream(&(so)->so_rcv, m);
+			}
 			TCP_REASS_UNLOCK(tp);
 			sorwakeup(so);
 		} else {
 			m_adj(m, hdroptlen);
 			tiflags = tcp_reass(tp, th, m, &tlen);
 			tp->t_flags |= TF_ACKNOW;
 			TCP_REASS_UNLOCK(tp);
+		}
 		/*
 		 * Note the amount of data that peer has sent into
 		 * our window, in order to estimate the sender's
 		 * buffer size.
 		 */
 		len = so->so_rcv.sb_hiwat - (tp->rcv_adv - tp->rcv_nxt);
 	} else {
 		m_freem(m);
 		m = NULL;
 		tiflags &= ~TH_FIN;
+	}
 	/*
 	 * If FIN is received ACK the FIN and let the user know
 	 * that the connection is closing.  Ignore a FIN received before
 	 * the connection is fully established.
 	 */
 	if ((tiflags & TH_FIN) && TCPS_HAVEESTABLISHED(tp->t_state)) {
 		if (TCPS_HAVERCVDFIN(tp->t_state) == 0) {
 			socantrcvmore(so);
 			tp->t_flags |= TF_ACKNOW;
 			tp->rcv_nxt++;
+		}
 		switch (tp->t_state) {
 	 	/*
 		 * In ESTABLISHED STATE enter the CLOSE_WAIT state.
 		 */
 		case TCPS_ESTABLISHED:
 			tp->t_state = TCPS_CLOSE_WAIT;
 			break;
 	 	/*
 		 * If still in FIN_WAIT_1 STATE FIN has not been acked so
 		 * enter the CLOSING state.
 		 */
 		case TCPS_FIN_WAIT_1:
 			tp->t_state = TCPS_CLOSING;
 			break;
 	 	/*
 		 * In FIN_WAIT_2 state enter the TIME_WAIT state,
 		 * starting the time-wait timer, turning off the other
 		 * standard timers.
 		 */
 		case TCPS_FIN_WAIT_2:
 			tp->t_state = TCPS_TIME_WAIT;
 			tcp_canceltimers(tp);
 			TCP_TIMER_ARM(tp, TCPT_2MSL, 2 * PR_SLOWHZ * tcp_msl);
 			soisdisconnected(so);
 			break;
 		/*
 		 * In TIME_WAIT state restart the 2 MSL time_wait timer.
 		 */
 		case TCPS_TIME_WAIT:
 			TCP_TIMER_ARM(tp, TCPT_2MSL, 2 * PR_SLOWHZ * tcp_msl);
 			break;
+		}
+	}
 #ifdef TCP_DEBUG
 	if (so->so_options & SO_DEBUG)
 		tcp_trace(TA_INPUT, ostate, tp, tcp_saveti, 0);
 #endif
 	/*
 	 * Return any desired output.
 	 */
 	if (needoutput || (tp->t_flags & TF_ACKNOW)) {
 		(void) tcp_output(tp);
+	}
 	if (tcp_saveti)
 		m_freem(tcp_saveti);
 	return;
 badsyn:
 	/*
 	 * Received a bad SYN.  Increment counters and dropwithreset.
 	 */
 	TCP_STATINC(TCP_STAT_BADSYN);
 	tp = NULL;
 	goto dropwithreset;
 dropafterack:
 	/*
 	 * Generate an ACK dropping incoming segment if it occupies
 	 * sequence space, where the ACK reflects our state.
 	 */
 	if (tiflags & TH_RST)
 		goto drop;
 	goto dropafterack2;
 dropafterack_ratelim:
 	/*
 	 * We may want to rate-limit ACKs against SYN/RST attack.
 	 */
 	if (ppsratecheck(&tcp_ackdrop_ppslim_last, &tcp_ackdrop_ppslim_count,
 	    tcp_ackdrop_ppslim) == 0) {
 		/* XXX stat */
 		goto drop;
+	}
 	/* ...fall into dropafterack2... */
 dropafterack2:
 	m_freem(m);
 	tp->t_flags |= TF_ACKNOW;
 	(void) tcp_output(tp);
 	if (tcp_saveti)
 		m_freem(tcp_saveti);
 	return;
 dropwithreset_ratelim:
 	/*
 	 * We may want to rate-limit RSTs in certain situations,
 	 * particularly if we are sending an RST in response to
 	 * an attempt to connect to or otherwise communicate with
 	 * a port for which we have no socket.
 	 */
 	if (ppsratecheck(&tcp_rst_ppslim_last, &tcp_rst_ppslim_count,
 	    tcp_rst_ppslim) == 0) {
 		/* XXX stat */
 		goto drop;
+	}
 	/* ...fall into dropwithreset... */
 dropwithreset:
 	/*
 	 * Generate a RST, dropping incoming segment.
 	 * Make ACK acceptable to originator of segment.
 	 */
 	if (tiflags & TH_RST)
 		goto drop;
 	switch (af) {
 #ifdef INET6
 	case AF_INET6:
 		/* For following calls to tcp_respond */
 		if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst))
 			goto drop;
 		break;
 #endif /* INET6 */
 	case AF_INET:
 		if (IN_MULTICAST(ip->ip_dst.s_addr) ||
 		    in_broadcast(ip->ip_dst, m->m_pkthdr.rcvif))
 			goto drop;
+	}
 	if (tiflags & TH_ACK)
 		(void)tcp_respond(tp, m, m, th, (tcp_seq)0, th->th_ack, TH_RST);
 	else {
 		if (tiflags & TH_SYN)
 			tlen++;
 		(void)tcp_respond(tp, m, m, th, th->th_seq + tlen, (tcp_seq)0,
 		    TH_RST|TH_ACK);
+	}
 	if (tcp_saveti)
 		m_freem(tcp_saveti);
 	return;
 badcsum:
 drop:
 	/*
 	 * Drop space held by incoming segment and return.
 	 */
 	if (tp) {
 		if (tp->t_inpcb)
 			so = tp->t_inpcb->inp_socket;
 #ifdef INET6
 		else if (tp->t_in6pcb)
 			so = tp->t_in6pcb->in6p_socket;
 #endif
 		else
 			so = NULL;
 #ifdef TCP_DEBUG
 		if (so && (so->so_options & SO_DEBUG) != 0)
 			tcp_trace(TA_DROP, ostate, tp, tcp_saveti, 0);
 #endif
+	}
 	if (tcp_saveti)
 		m_freem(tcp_saveti);
 	m_freem(m);
 	return;
+}
 #ifdef TCP_SIGNATURE
 int
 tcp_signature_apply(void *fstate, void *data, u_int len)
+{
 	MD5Update(fstate, (u_char *)data, len);
 	return (0);
+}
 struct secasvar *
 tcp_signature_getsav(struct mbuf *m, struct tcphdr *th)
+{
 	struct secasvar *sav;
 #ifdef FAST_IPSEC
 	union sockaddr_union dst;
 #endif
 	struct ip *ip;
 	struct ip6_hdr *ip6;
 	ip = mtod(m, struct ip *);
 	switch (ip->ip_v) {
 	case 4:
 		ip = mtod(m, struct ip *);
 		ip6 = NULL;
 		break;
 	case 6:
 		ip = NULL;
 		ip6 = mtod(m, struct ip6_hdr *);
 		break;
 	default:
 		return (NULL);
+	}
 #ifdef FAST_IPSEC
 	/* Extract the destination from the IP header in the mbuf. */
 	bzero(&dst, sizeof(union sockaddr_union));
 	if (ip !=NULL) {
 		dst.sa.sa_len = sizeof(struct sockaddr_in);
 		dst.sa.sa_family = AF_INET;
 		dst.sin.sin_addr = ip->ip_dst;
 	} else {
 		dst.sa.sa_len = sizeof(struct sockaddr_in6);
 		dst.sa.sa_family = AF_INET6;
 		dst.sin6.sin6_addr = ip6->ip6_dst;
+	}
 	/*
 	 * Look up an SADB entry which matches the address of the peer.
 	 */
 	sav = KEY_ALLOCSA(&dst, IPPROTO_TCP, htonl(TCP_SIG_SPI));
 #else
 	if (ip)
 		sav = key_allocsa(AF_INET, (void *)&ip->ip_src,
 		    (void *)&ip->ip_dst, IPPROTO_TCP,
 		    htonl(TCP_SIG_SPI), 0, 0);
 	else
 		sav = key_allocsa(AF_INET6, (void *)&ip6->ip6_src,
 		    (void *)&ip6->ip6_dst, IPPROTO_TCP,
 		    htonl(TCP_SIG_SPI), 0, 0);
 #endif
 	return (sav);	/* freesav must be performed by caller */
+}
 int
 tcp_signature(struct mbuf *m, struct tcphdr *th, int thoff,
     struct secasvar *sav, char *sig)
+{
 	MD5_CTX ctx;
 	struct ip *ip;
 	struct ipovly *ipovly;
 	struct ip6_hdr *ip6;
 	struct ippseudo ippseudo;
 	struct ip6_hdr_pseudo ip6pseudo;
 	struct tcphdr th0;
 	int l, tcphdrlen;
 	if (sav == NULL)
 		return (-1);
 	tcphdrlen = th->th_off * 4;
 	switch (mtod(m, struct ip *)->ip_v) {
 	case 4:
 		ip = mtod(m, struct ip *);
 		ip6 = NULL;
 		break;
 	case 6:
 		ip = NULL;
 		ip6 = mtod(m, struct ip6_hdr *);
 		break;
 	default:
 		return (-1);
+	}
 	MD5Init(&ctx);
 	if (ip) {
 		memset(&ippseudo, 0, sizeof(ippseudo));
 		ipovly = (struct ipovly *)ip;
 		ippseudo.ippseudo_src = ipovly->ih_src;
 		ippseudo.ippseudo_dst = ipovly->ih_dst;
 		ippseudo.ippseudo_pad = 0;
 		ippseudo.ippseudo_p = IPPROTO_TCP;
 		ippseudo.ippseudo_len = htons(m->m_pkthdr.len - thoff);
 		MD5Update(&ctx, (char *)&ippseudo, sizeof(ippseudo));
 	} else {
 		memset(&ip6pseudo, 0, sizeof(ip6pseudo));
 		ip6pseudo.ip6ph_src = ip6->ip6_src;
 		in6_clearscope(&ip6pseudo.ip6ph_src);
 		ip6pseudo.ip6ph_dst = ip6->ip6_dst;
 		in6_clearscope(&ip6pseudo.ip6ph_dst);
 		ip6pseudo.ip6ph_len = htons(m->m_pkthdr.len - thoff);
 		ip6pseudo.ip6ph_nxt = IPPROTO_TCP;
 		MD5Update(&ctx, (char *)&ip6pseudo, sizeof(ip6pseudo));
+	}
 	th0 = *th;
 	th0.th_sum = 0;
 	MD5Update(&ctx, (char *)&th0, sizeof(th0));
 	l = m->m_pkthdr.len - thoff - tcphdrlen;
 	if (l > 0)
 		m_apply(m, thoff + tcphdrlen,
 		    m->m_pkthdr.len - thoff - tcphdrlen,
 		    tcp_signature_apply, &ctx);
 	MD5Update(&ctx, _KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
 	MD5Final(sig, &ctx);
 	return (0);
+}
 #endif
 static int
 tcp_dooptions(struct tcpcb *tp, const u_char *cp, int cnt,
     struct tcphdr *th,
     struct mbuf *m, int toff, struct tcp_opt_info *oi)
+{
 	u_int16_t mss;
 	int opt, optlen = 0;
 #ifdef TCP_SIGNATURE
 	void *sigp = NULL;
 	char sigbuf[TCP_SIGLEN];
 	struct secasvar *sav = NULL;
 #endif
 	for (; cp && cnt > 0; cnt -= optlen, cp += optlen) {
 		opt = cp[0];
 		if (opt == TCPOPT_EOL)
 			break;
 		if (opt == TCPOPT_NOP)
 			optlen = 1;
 		else {
 			if (cnt < 2)
 				break;
 			optlen = cp[1];
 			if (optlen < 2 || optlen > cnt)
 				break;
+		}
 		switch (opt) {
 		default:
 			continue;
 		case TCPOPT_MAXSEG:
 			if (optlen != TCPOLEN_MAXSEG)
 				continue;
 			if (!(th->th_flags & TH_SYN))
 				continue;
 			if (TCPS_HAVERCVDSYN(tp->t_state))
 				continue;
 			bcopy(cp + 2, &mss, sizeof(mss));
 			oi->maxseg = ntohs(mss);
 			break;
 		case TCPOPT_WINDOW:
 			if (optlen != TCPOLEN_WINDOW)
 				continue;
 			if (!(th->th_flags & TH_SYN))
 				continue;
 			if (TCPS_HAVERCVDSYN(tp->t_state))
 				continue;
 			tp->t_flags |= TF_RCVD_SCALE;
 			tp->requested_s_scale = cp[2];
 			if (tp->requested_s_scale > TCP_MAX_WINSHIFT) {
 #if 0	/*XXX*/
 				char *p;
 				if (ip)
 					p = ntohl(ip->ip_src);
 #ifdef INET6
 				else if (ip6)
 					p = ip6_sprintf(&ip6->ip6_src);
 #endif
 				else
 					p = "(unknown)";
 				log(LOG_ERR, "TCP: invalid wscale %d from %s, "
 				    "assuming %d\n",
 				    tp->requested_s_scale, p,
 				    TCP_MAX_WINSHIFT);
 #else
 				log(LOG_ERR, "TCP: invalid wscale %d, "
 				    "assuming %d\n",
 				    tp->requested_s_scale,
 				    TCP_MAX_WINSHIFT);
 #endif
 				tp->requested_s_scale = TCP_MAX_WINSHIFT;
+			}
 			break;
 		case TCPOPT_TIMESTAMP:
 			if (optlen != TCPOLEN_TIMESTAMP)
 				continue;
 			oi->ts_present = 1;
 			bcopy(cp + 2, &oi->ts_val, sizeof(oi->ts_val));
 			NTOHL(oi->ts_val);
 			bcopy(cp + 6, &oi->ts_ecr, sizeof(oi->ts_ecr));
 			NTOHL(oi->ts_ecr);
 			if (!(th->th_flags & TH_SYN))
 				continue;
 			if (TCPS_HAVERCVDSYN(tp->t_state))
 				continue;
 			/*
 			 * A timestamp received in a SYN makes
 			 * it ok to send timestamp requests and replies.
 			 */
 			tp->t_flags |= TF_RCVD_TSTMP;
 			tp->ts_recent = oi->ts_val;
 			tp->ts_recent_age = tcp_now;
                         break;
 		case TCPOPT_SACK_PERMITTED:
 			if (optlen != TCPOLEN_SACK_PERMITTED)
 				continue;
 			if (!(th->th_flags & TH_SYN))
 				continue;
 			if (TCPS_HAVERCVDSYN(tp->t_state))
 				continue;
 			if (tcp_do_sack) {
 				tp->t_flags |= TF_SACK_PERMIT;
 				tp->t_flags |= TF_WILL_SACK;
+			}
 			break;
 		case TCPOPT_SACK:
 			tcp_sack_option(tp, th, cp, optlen);
 			break;
 #ifdef TCP_SIGNATURE
 		case TCPOPT_SIGNATURE:
 			if (optlen != TCPOLEN_SIGNATURE)
 				continue;
 			if (sigp && bcmp(sigp, cp + 2, TCP_SIGLEN))
 				return (-1);
 			sigp = sigbuf;
 			memcpy(sigbuf, cp + 2, TCP_SIGLEN);
 			tp->t_flags |= TF_SIGNATURE;
 			break;
 #endif
+		}
+	}
 #ifdef TCP_SIGNATURE
 	if (tp->t_flags & TF_SIGNATURE) {
 		sav = tcp_signature_getsav(m, th);
 		if (sav == NULL && tp->t_state == TCPS_LISTEN)
 			return (-1);
+	}
 	if ((sigp ? TF_SIGNATURE : 0) ^ (tp->t_flags & TF_SIGNATURE)) {
 		if (sav == NULL)
 			return (-1);
 #ifdef FAST_IPSEC
 		KEY_FREESAV(&sav);
 #else
 		key_freesav(sav);
 #endif
 		return (-1);
+	}
 	if (sigp) {
 		char sig[TCP_SIGLEN];
 		tcp_fields_to_net(th);
 		if (tcp_signature(m, th, toff, sav, sig) < 0) {
 			tcp_fields_to_host(th);
 			if (sav == NULL)
 				return (-1);
 #ifdef FAST_IPSEC
 			KEY_FREESAV(&sav);
 #else
 			key_freesav(sav);
 #endif
 			return (-1);
+		}
 		tcp_fields_to_host(th);
 		if (bcmp(sig, sigp, TCP_SIGLEN)) {
 			TCP_STATINC(TCP_STAT_BADSIG);
 			if (sav == NULL)
 				return (-1);
 #ifdef FAST_IPSEC
 			KEY_FREESAV(&sav);
 #else
 			key_freesav(sav);
 #endif
 			return (-1);
 		} else
 			TCP_STATINC(TCP_STAT_GOODSIG);
 		key_sa_recordxfer(sav, m);
 #ifdef FAST_IPSEC
 		KEY_FREESAV(&sav);
 #else
 		key_freesav(sav);
 #endif
+	}
 #endif
 	return (0);
+}
 /*
  * Pull out of band byte out of a segment so
  * it doesn't appear in the user's data queue.
  * It is still reflected in the segment length for
  * sequencing purposes.
  */
 void
 tcp_pulloutofband(struct socket *so, struct tcphdr *th,
     struct mbuf *m, int off)
+{
 	int cnt = off + th->th_urp - 1;
 	while (cnt >= 0) {
 		if (m->m_len > cnt) {
 			char *cp = mtod(m, char *) + cnt;
 			struct tcpcb *tp = sototcpcb(so);
 			tp->t_iobc = *cp;
 			tp->t_oobflags |= TCPOOB_HAVEDATA;
 			bcopy(cp+1, cp, (unsigned)(m->m_len - cnt - 1));
 			m->m_len--;
 			return;
+		}
 		cnt -= m->m_len;
 		m = m->m_next;
 		if (m == 0)
 			break;
+	}
 	panic("tcp_pulloutofband");
+}
 /*
  * Collect new round-trip time estimate
  * and update averages and current timeout.
  */
 void
 tcp_xmit_timer(struct tcpcb *tp, uint32_t rtt)
+{
 	int32_t delta;
 	TCP_STATINC(TCP_STAT_RTTUPDATED);
 	if (tp->t_srtt != 0) {
 		/*
 		 * srtt is stored as fixed point with 3 bits after the
 		 * binary point (i.e., scaled by 8).  The following magic
 		 * is equivalent to the smoothing algorithm in rfc793 with
 		 * an alpha of .875 (srtt = rtt/8 + srtt*7/8 in fixed
 		 * point).  Adjust rtt to origin 0.
 		 */
 		delta = (rtt << 2) - (tp->t_srtt >> TCP_RTT_SHIFT);
 		if ((tp->t_srtt += delta) <= 0)
 			tp->t_srtt = 1 << 2;
 		/*
 		 * We accumulate a smoothed rtt variance (actually, a
 		 * smoothed mean difference), then set the retransmit
 		 * timer to smoothed rtt + 4 times the smoothed variance.
 		 * rttvar is stored as fixed point with 2 bits after the
 		 * binary point (scaled by 4).  The following is
 		 * equivalent to rfc793 smoothing with an alpha of .75
 		 * (rttvar = rttvar*3/4 + |delta| / 4).  This replaces
 		 * rfc793's wired-in beta.
 		 */
 		if (delta < 0)
 			delta = -delta;
 		delta -= (tp->t_rttvar >> TCP_RTTVAR_SHIFT);
 		if ((tp->t_rttvar += delta) <= 0)
 			tp->t_rttvar = 1 << 2;
 	} else {
 		/*
 		 * No rtt measurement yet - use the unsmoothed rtt.
 		 * Set the variance to half the rtt (so our first
 		 * retransmit happens at 3*rtt).
 		 */
 		tp->t_srtt = rtt << (TCP_RTT_SHIFT + 2);
 		tp->t_rttvar = rtt << (TCP_RTTVAR_SHIFT + 2 - 1);
+	}
 	tp->t_rtttime = 0;
 	tp->t_rxtshift = 0;
 	/*
 	 * the retransmit should happen at rtt + 4 * rttvar.
 	 * Because of the way we do the smoothing, srtt and rttvar
 	 * will each average +1/2 tick of bias.  When we compute
 	 * the retransmit timer, we want 1/2 tick of rounding and
 	 * 1 extra tick because of +-1/2 tick uncertainty in the
 	 * firing of the timer.  The bias will give us exactly the
 	 * 1.5 tick we need.  But, because the bias is
 	 * statistical, we have to test that we don't drop below
 	 * the minimum feasible timer (which is 2 ticks).
 	 */
 	TCPT_RANGESET(tp->t_rxtcur, TCP_REXMTVAL(tp),
 	    max(tp->t_rttmin, rtt + 2), TCPTV_REXMTMAX);
 	/*
 	 * We received an ack for a packet that wasn't retransmitted;
 	 * it is probably safe to discard any error indications we've
 	 * received recently.  This isn't quite right, but close enough
 	 * for now (a route might have failed after we sent a segment,
 	 * and the return path might not be symmetrical).
 	 */
 	tp->t_softerror = 0;
+}
 /*
  * TCP compressed state engine.  Currently used to hold compressed
  * state for SYN_RECEIVED.
  */
 u_long	syn_cache_count;
 u_int32_t syn_hash1, syn_hash2;
 #define SYN_HASH(sa, sp, dp) \
 	((((sa)->s_addr^syn_hash1)*(((((u_int32_t)(dp))<<16) + \
 				     ((u_int32_t)(sp)))^syn_hash2)))
 #ifndef INET6
 #define	SYN_HASHALL(hash, src, dst) \
 do {									\
 	hash = SYN_HASH(&((const struct sockaddr_in *)(src))->sin_addr,	\
 		((const struct sockaddr_in *)(src))->sin_port,		\
 		((const struct sockaddr_in *)(dst))->sin_port);		\
 } while (/*CONSTCOND*/ 0)
 #else
 #define SYN_HASH6(sa, sp, dp) \
 	((((sa)->s6_addr32[0] ^ (sa)->s6_addr32[3] ^ syn_hash1) * \
 	  (((((u_int32_t)(dp))<<16) + ((u_int32_t)(sp)))^syn_hash2)) \
 	 & 0x7fffffff)
 #define SYN_HASHALL(hash, src, dst) \
 do {									\
 	switch ((src)->sa_family) {					\
 	case AF_INET:							\
 		hash = SYN_HASH(&((const struct sockaddr_in *)(src))->sin_addr, \
 			((const struct sockaddr_in *)(src))->sin_port,	\
 			((const struct sockaddr_in *)(dst))->sin_port);	\
 		break;							\
 	case AF_INET6:							\
 		hash = SYN_HASH6(&((const struct sockaddr_in6 *)(src))->sin6_addr, \
 			((const struct sockaddr_in6 *)(src))->sin6_port,	\
 			((const struct sockaddr_in6 *)(dst))->sin6_port);	\
 		break;							\
 	default:							\
 		hash = 0;						\
 	}								\
 } while (/*CONSTCOND*/0)
 #endif /* INET6 */
 POOL_INIT(syn_cache_pool, sizeof(struct syn_cache), 0, 0, 0, "synpl", NULL,
     IPL_SOFTNET);
 /*
  * We don't estimate RTT with SYNs, so each packet starts with the default
  * RTT and each timer step has a fixed timeout value.
  */
 #define	SYN_CACHE_TIMER_ARM(sc)						\
 do {									\
 	TCPT_RANGESET((sc)->sc_rxtcur,					\
 	    TCPTV_SRTTDFLT * tcp_backoff[(sc)->sc_rxtshift], TCPTV_MIN,	\
 	    TCPTV_REXMTMAX);						\
 	callout_reset(&(sc)->sc_timer,					\
 	    (sc)->sc_rxtcur * (hz / PR_SLOWHZ), syn_cache_timer, (sc));	\
 } while (/*CONSTCOND*/0)
 #define	SYN_CACHE_TIMESTAMP(sc)	(tcp_now - (sc)->sc_timebase)
 static inline void
 syn_cache_rm(struct syn_cache *sc)
+{
 	TAILQ_REMOVE(&tcp_syn_cache[sc->sc_bucketidx].sch_bucket,
 	    sc, sc_bucketq);
 	sc->sc_tp = NULL;
 	LIST_REMOVE(sc, sc_tpq);
 	tcp_syn_cache[sc->sc_bucketidx].sch_length--;
 	callout_stop(&sc->sc_timer);
 	syn_cache_count--;
+}
 static inline void
 syn_cache_put(struct syn_cache *sc)
+{
 	if (sc->sc_ipopts)
 		(void) m_free(sc->sc_ipopts);
 	rtcache_free(&sc->sc_route);
 	sc->sc_flags |= SCF_DEAD;
 	if (!callout_invoking(&sc->sc_timer))
 		callout_schedule(&(sc)->sc_timer, 1);
+}
 void
 syn_cache_init(void)
+{
 	int i;
 	/* Initialize the hash buckets. */
 	for (i = 0; i < tcp_syn_cache_size; i++)
 		TAILQ_INIT(&tcp_syn_cache[i].sch_bucket);
+}
 void
 syn_cache_insert(struct syn_cache *sc, struct tcpcb *tp)
+{
 	struct syn_cache_head *scp;
 	struct syn_cache *sc2;
 	int s;
 	/*
 	 * If there are no entries in the hash table, reinitialize
 	 * the hash secrets.
 	 */
 	if (syn_cache_count == 0) {
 		syn_hash1 = arc4random();
 		syn_hash2 = arc4random();
+	}
 	SYN_HASHALL(sc->sc_hash, &sc->sc_src.sa, &sc->sc_dst.sa);
 	sc->sc_bucketidx = sc->sc_hash % tcp_syn_cache_size;
 	scp = &tcp_syn_cache[sc->sc_bucketidx];
 	/*
 	 * Make sure that we don't overflow the per-bucket
 	 * limit or the total cache size limit.
 	 */
 	s = splsoftnet();
 	if (scp->sch_length >= tcp_syn_bucket_limit) {
 		TCP_STATINC(TCP_STAT_SC_BUCKETOVERFLOW);
 		/*
 		 * The bucket is full.  Toss the oldest element in the
 		 * bucket.  This will be the first entry in the bucket.
 		 */
 		sc2 = TAILQ_FIRST(&scp->sch_bucket);
 #ifdef DIAGNOSTIC
 		/*
 		 * This should never happen; we should always find an
 		 * entry in our bucket.
 		 */
 		if (sc2 == NULL)
 			panic("syn_cache_insert: bucketoverflow: impossible");
 #endif
 		syn_cache_rm(sc2);
 		syn_cache_put(sc2);	/* calls pool_put but see spl above */
 	} else if (syn_cache_count >= tcp_syn_cache_limit) {
 		struct syn_cache_head *scp2, *sce;
 		TCP_STATINC(TCP_STAT_SC_OVERFLOWED);
 		/*
 		 * The cache is full.  Toss the oldest entry in the
 		 * first non-empty bucket we can find.
+		 *
 		 * XXX We would really like to toss the oldest
 		 * entry in the cache, but we hope that this
 		 * condition doesn't happen very often.
 		 */
 		scp2 = scp;
 		if (TAILQ_EMPTY(&scp2->sch_bucket)) {
 			sce = &tcp_syn_cache[tcp_syn_cache_size];
 			for (++scp2; scp2 != scp; scp2++) {
 				if (scp2 >= sce)
 					scp2 = &tcp_syn_cache[0];
 				if (! TAILQ_EMPTY(&scp2->sch_bucket))
 					break;
+			}
 #ifdef DIAGNOSTIC
 			/*
 			 * This should never happen; we should always find a
 			 * non-empty bucket.
 			 */
 			if (scp2 == scp)
 				panic("syn_cache_insert: cacheoverflow: "
 				    "impossible");
 #endif
+		}
 		sc2 = TAILQ_FIRST(&scp2->sch_bucket);
 		syn_cache_rm(sc2);
 		syn_cache_put(sc2);	/* calls pool_put but see spl above */
+	}
 	/*
 	 * Initialize the entry's timer.

 @@ -1,1710 +1,1720 @@
-/*	$NetBSD: tcp_output.c,v 1.167.10.1 2011/03/29 20:12:14 riz Exp $	*/
+/*	$NetBSD: tcp_output.c,v 1.167.10.1.2.1 2015/07/24 07:44:35 martin Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the project nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 /*
  *      @(#)COPYRIGHT   1.1 (NRL) 17 January 1995
+ *
  * NRL grants permission for redistribution and use in source and binary
  * forms, with or without modification, of the software and documentation
  * created at NRL provided that the following conditions are met:
+ *
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. All advertising materials mentioning features or use of this software
  *    must display the following acknowledgements:
  *      This product includes software developed by the University of
  *      California, Berkeley and its contributors.
  *      This product includes software developed at the Information
  *      Technology Division, US Naval Research Laboratory.
  * 4. Neither the name of the NRL nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS
  * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
  * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL NRL OR
  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
  * The views and conclusions contained in the software and documentation
  * are those of the authors and should not be interpreted as representing
  * official policies, either expressed or implied, of the US Naval
  * Research Laboratory (NRL).
  */
 /*-
  * Copyright (c) 1997, 1998, 2001, 2005, 2006 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Jason R. Thorpe and Kevin M. Lahey of the Numerical Aerospace Simulation
  * Facility, NASA Ames Research Center.
  * This code is derived from software contributed to The NetBSD Foundation
  * by Charles M. Hannum.
  * This code is derived from software contributed to The NetBSD Foundation
  * by Rui Paulo.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995
  *	The Regents of the University of California.  All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
+ *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)tcp_output.c	8.4 (Berkeley) 5/24/95
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.167.10.1 2011/03/29 20:12:14 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.167.10.1.2.1 2015/07/24 07:44:35 martin Exp $");
 #include "opt_inet.h"
 #include "opt_ipsec.h"
 #include "opt_tcp_debug.h"
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/errno.h>
 #include <sys/domain.h>
 #include <sys/kernel.h>
 #ifdef TCP_SIGNATURE
 #include <sys/md5.h>
 #endif
 #include <net/if.h>
 #include <net/route.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 #include <netinet/in_pcb.h>
 #include <netinet/ip_var.h>
 #ifdef INET6
 #ifndef INET
 #include <netinet/in.h>
 #endif
 #include <netinet/ip6.h>
 #include <netinet6/in6_var.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/in6_pcb.h>
 #include <netinet6/nd6.h>
 #endif
 #ifdef FAST_IPSEC
 #include <netipsec/ipsec.h>
 #include <netipsec/key.h>
 #ifdef INET6
 #include <netipsec/ipsec6.h>
 #endif
 #endif	/* FAST_IPSEC*/
 #ifdef IPSEC
 #include <netinet6/ipsec.h>
 #endif
 #include <netinet/tcp.h>
 #define	TCPOUTFLAGS
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet/tcp_private.h>
 #include <netinet/tcp_congctl.h>
 #include <netinet/tcpip.h>
 #include <netinet/tcp_debug.h>
 #include <netinet/in_offload.h>
 #include <netinet6/in6_offload.h>
 #ifdef IPSEC
 #include <netkey/key.h>
 #endif
 #ifdef notyet
 extern struct mbuf *m_copypack();
 #endif
 /*
  * Knob to enable Congestion Window Monitoring, and control
  * the burst size it allows.  Default burst is 4 packets, per
  * the Internet draft.
  */
 int	tcp_cwm = 0;
 int	tcp_cwm_burstsize = 4;
 int	tcp_do_autosndbuf = 0;
 int	tcp_autosndbuf_inc = 8 * 1024;
 int	tcp_autosndbuf_max = 256 * 1024;
 #ifdef TCP_OUTPUT_COUNTERS
 #include <sys/device.h>
 extern struct evcnt tcp_output_bigheader;
 extern struct evcnt tcp_output_predict_hit;
 extern struct evcnt tcp_output_predict_miss;
 extern struct evcnt tcp_output_copysmall;
 extern struct evcnt tcp_output_copybig;
 extern struct evcnt tcp_output_refbig;
 #define	TCP_OUTPUT_COUNTER_INCR(ev)	(ev)->ev_count++
 #else
 #define	TCP_OUTPUT_COUNTER_INCR(ev)	/* nothing */
 #endif /* TCP_OUTPUT_COUNTERS */
 static
 #ifndef GPROF
 inline
 #endif
 int
 tcp_segsize(struct tcpcb *tp, int *txsegsizep, int *rxsegsizep,
     bool *alwaysfragp)
+{
 #ifdef INET
 	struct inpcb *inp = tp->t_inpcb;
 #endif
 #ifdef INET6
 	struct in6pcb *in6p = tp->t_in6pcb;
 #endif
 	struct socket *so = NULL;
 	struct rtentry *rt;
 	struct ifnet *ifp;
 	int size;
 	int hdrlen;
 	int optlen;
 	*alwaysfragp = false;
 #ifdef DIAGNOSTIC
 	if (tp->t_inpcb && tp->t_in6pcb)
 		panic("tcp_segsize: both t_inpcb and t_in6pcb are set");
 #endif
 	switch (tp->t_family) {
 #ifdef INET
 	case AF_INET:
 		hdrlen = sizeof(struct ip) + sizeof(struct tcphdr);
 		break;
 #endif
 #ifdef INET6
 	case AF_INET6:
 		hdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr);
 		break;
 #endif
 	default:
 		size = tcp_mssdflt;
 		goto out;
+	}
 	rt = NULL;
 #ifdef INET
 	if (inp) {
 		rt = in_pcbrtentry(inp);
 		so = inp->inp_socket;
+	}
 #endif
 #ifdef INET6
 	if (in6p) {
 		rt = in6_pcbrtentry(in6p);
 		so = in6p->in6p_socket;
+	}
 #endif
 	if (rt == NULL) {
 		size = tcp_mssdflt;
 		goto out;
+	}
 	ifp = rt->rt_ifp;
 	size = tcp_mssdflt;
 	if (tp->t_mtudisc && rt->rt_rmx.rmx_mtu != 0) {
 #ifdef INET6
 		if (in6p && rt->rt_rmx.rmx_mtu < IPV6_MMTU) {
 			/*
 			 * RFC2460 section 5, last paragraph: if path MTU is
 			 * smaller than 1280, use 1280 as packet size and
 			 * attach fragment header.
 			 */
 			size = IPV6_MMTU - hdrlen - sizeof(struct ip6_frag);
 			*alwaysfragp = true;
 		} else
 			size = rt->rt_rmx.rmx_mtu - hdrlen;
 #else
 		size = rt->rt_rmx.rmx_mtu - hdrlen;
 #endif
 	} else if (ifp->if_flags & IFF_LOOPBACK)
 		size = ifp->if_mtu - hdrlen;
 #ifdef INET
 	else if (inp && tp->t_mtudisc)
 		size = ifp->if_mtu - hdrlen;
 	else if (inp && in_localaddr(inp->inp_faddr))
 		size = ifp->if_mtu - hdrlen;
 #endif
 #ifdef INET6
 	else if (in6p) {
 #ifdef INET
 		if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) {
 			/* mapped addr case */
 			struct in_addr d;
 			bcopy(&in6p->in6p_faddr.s6_addr32[3], &d, sizeof(d));
 			if (tp->t_mtudisc || in_localaddr(d))
 				size = ifp->if_mtu - hdrlen;
 		} else
 #endif
+		{
 			/*
 			 * for IPv6, path MTU discovery is always turned on,
 			 * or the node must use packet size <= 1280.
 			 */
 			size = tp->t_mtudisc ? IN6_LINKMTU(ifp) : IPV6_MMTU;
 			size -= hdrlen;
+		}
+	}
 #endif
  out:
 	/*
 	 * Now we must make room for whatever extra TCP/IP options are in
 	 * the packet.
 	 */
 	optlen = tcp_optlen(tp);
 	/*
 	 * XXX tp->t_ourmss should have the right size, but without this code
 	 * fragmentation will occur... need more investigation
 	 */
 #ifdef INET
 	if (inp) {
 #if defined(IPSEC) || defined(FAST_IPSEC)
 		if (! IPSEC_PCB_SKIP_IPSEC(inp->inp_sp, IPSEC_DIR_OUTBOUND))
 			optlen += ipsec4_hdrsiz_tcp(tp);
 #endif
 		optlen += ip_optlen(inp);
+	}
 #endif
 #ifdef INET6
 #ifdef INET
 	if (in6p && tp->t_family == AF_INET) {
 #if defined(IPSEC) || defined(FAST_IPSEC)
 		if (! IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND))
 			optlen += ipsec4_hdrsiz_tcp(tp);
 #endif
 		/* XXX size -= ip_optlen(in6p); */
 	} else
 #endif
 	if (in6p && tp->t_family == AF_INET6) {
 #if defined(IPSEC) || defined(FAST_IPSEC)
 		if (! IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND))
 			optlen += ipsec6_hdrsiz_tcp(tp);
 #endif
 		optlen += ip6_optlen(in6p);
+	}
 #endif
 	size -= optlen;
 	/* there may not be any room for data if mtu is too small */
 	if (size < 0)
 		return (EMSGSIZE);
 	/*
 	 * *rxsegsizep holds *estimated* inbound segment size (estimation
 	 * assumes that path MTU is the same for both ways).  this is only
 	 * for silly window avoidance, do not use the value for other purposes.
+	 *
 	 * ipseclen is subtracted from both sides, this may not be right.
 	 * I'm not quite sure about this (could someone comment).
 	 */
 	*txsegsizep = min(tp->t_peermss - optlen, size);
 	/*
 	 * Never send more than half a buffer full.  This insures that we can
 	 * always keep 2 packets on the wire, no matter what SO_SNDBUF is, and
 	 * therefore acks will never be delayed unless we run out of data to
 	 * transmit.
 	 */
 	if (so)
 		*txsegsizep = min(so->so_snd.sb_hiwat >> 1, *txsegsizep);
 	*rxsegsizep = min(tp->t_ourmss - optlen, size);
 	if (*txsegsizep != tp->t_segsz) {
 		/*
 		 * If the new segment size is larger, we don't want to
 		 * mess up the congestion window, but if it is smaller
 		 * we'll have to reduce the congestion window to ensure
 		 * that we don't get into trouble with initial windows
 		 * and the rest.  In any case, if the segment size
 		 * has changed, chances are the path has, too, and
 		 * our congestion window will be different.
 		 */
 		if (*txsegsizep < tp->t_segsz) {
 			tp->snd_cwnd = max((tp->snd_cwnd / tp->t_segsz)
 					   * *txsegsizep, *txsegsizep);
 			tp->snd_ssthresh = max((tp->snd_ssthresh / tp->t_segsz)
 						* *txsegsizep, *txsegsizep);
+		}
 		tp->t_segsz = *txsegsizep;
+	}
 	return (0);
+}
 static
 #ifndef GPROF
 inline
 #endif
 int
 tcp_build_datapkt(struct tcpcb *tp, struct socket *so, int off,
     long len, int hdrlen, struct mbuf **mp)
+{
 	struct mbuf *m, *m0;
 	uint64_t *tcps;
 	tcps = TCP_STAT_GETREF();
 	if (tp->t_force && len == 1)
 		tcps[TCP_STAT_SNDPROBE]++;
 	else if (SEQ_LT(tp->snd_nxt, tp->snd_max)) {
 		tcps[TCP_STAT_SNDREXMITPACK]++;
 		tcps[TCP_STAT_SNDREXMITBYTE] += len;
 	} else {
 		tcps[TCP_STAT_SNDPACK]++;
 		tcps[TCP_STAT_SNDBYTE] += len;
+	}
 	TCP_STAT_PUTREF();
 #ifdef notyet
 	if ((m = m_copypack(so->so_snd.sb_mb, off,
 	    (int)len, max_linkhdr + hdrlen)) == 0)
 		return (ENOBUFS);
 	/*
 	 * m_copypack left space for our hdr; use it.
 	 */
 	m->m_len += hdrlen;
 	m->m_data -= hdrlen;
 #else
 	MGETHDR(m, M_DONTWAIT, MT_HEADER);
 	if (__predict_false(m == NULL))
 		return (ENOBUFS);
 	MCLAIM(m, &tcp_tx_mowner);
 	/*
 	 * XXX Because other code assumes headers will fit in
 	 * XXX one header mbuf.
+	 *
 	 * (This code should almost *never* be run.)
 	 */
 	if (__predict_false((max_linkhdr + hdrlen) > MHLEN)) {
 		TCP_OUTPUT_COUNTER_INCR(&tcp_output_bigheader);
 		MCLGET(m, M_DONTWAIT);
 		if ((m->m_flags & M_EXT) == 0) {
 			m_freem(m);
 			return (ENOBUFS);
+		}
+	}
 	m->m_data += max_linkhdr;
 	m->m_len = hdrlen;
 	/*
 	 * To avoid traversing the whole sb_mb chain for correct
 	 * data to send, remember last sent mbuf, its offset and
 	 * the sent size.  When called the next time, see if the
 	 * data to send is directly following the previous transfer.
 	 * This is important for large TCP windows.
 	 */
 	if (off == 0 || tp->t_lastm == NULL ||
 	    (tp->t_lastoff + tp->t_lastlen) != off) {
 		TCP_OUTPUT_COUNTER_INCR(&tcp_output_predict_miss);
 		/*
 		 * Either a new packet or a retransmit.
 		 * Start from the beginning.
 		 */
 		tp->t_lastm = so->so_snd.sb_mb;
 		tp->t_inoff = off;
 	} else {
 		TCP_OUTPUT_COUNTER_INCR(&tcp_output_predict_hit);
 		tp->t_inoff += tp->t_lastlen;
+	}
 	/* Traverse forward to next packet */
 	while (tp->t_inoff > 0) {
 		if (tp->t_lastm == NULL)
 			panic("tp->t_lastm == NULL");
 		if (tp->t_inoff < tp->t_lastm->m_len)
 			break;
 		tp->t_inoff -= tp->t_lastm->m_len;
 		tp->t_lastm = tp->t_lastm->m_next;
+	}
 	tp->t_lastoff = off;
 	tp->t_lastlen = len;
 	m0 = tp->t_lastm;
 	off = tp->t_inoff;
 	if (len <= M_TRAILINGSPACE(m)) {
 		m_copydata(m0, off, (int) len, mtod(m, char *) + hdrlen);
 		m->m_len += len;
 		TCP_OUTPUT_COUNTER_INCR(&tcp_output_copysmall);
 	} else {
 		m->m_next = m_copym(m0, off, (int) len, M_DONTWAIT);
 		if (m->m_next == NULL) {
 			m_freem(m);
 			return (ENOBUFS);
+		}
 #ifdef TCP_OUTPUT_COUNTERS
 		if (m->m_next->m_flags & M_EXT)
 			TCP_OUTPUT_COUNTER_INCR(&tcp_output_refbig);
 		else
 			TCP_OUTPUT_COUNTER_INCR(&tcp_output_copybig);
 #endif /* TCP_OUTPUT_COUNTERS */
+	}
 #endif
 	*mp = m;
 	return (0);
+}
 /*
  * Tcp output routine: figure out what should be sent and send it.
  */
 int
 tcp_output(struct tcpcb *tp)
+{
 	struct rtentry *rt;
 	struct socket *so;
 	struct route *ro;
 	long len, win;
 	int off, flags, error;
 	struct mbuf *m;
 	struct ip *ip;
 #ifdef INET6
 	struct ip6_hdr *ip6;
 #endif
 	struct tcphdr *th;
 	u_char opt[MAX_TCPOPTLEN];
 	unsigned optlen, hdrlen, packetlen;
 	unsigned int sack_numblks;
 	int idle, sendalot, txsegsize, rxsegsize;
 	int txsegsize_nosack;
 	int maxburst = TCP_MAXBURST;
 	int af;		/* address family on the wire */
 	int iphdrlen;
 	int has_tso4, has_tso6;
 	int has_tso, use_tso;
 	bool alwaysfrag;
 	int sack_rxmit;
 	int sack_bytes_rxmt;
 	int ecn_tos;
 	struct sackhole *p;
 #ifdef TCP_SIGNATURE
 	int sigoff = 0;
 #endif
 	uint64_t *tcps;
 #ifdef DIAGNOSTIC
 	if (tp->t_inpcb && tp->t_in6pcb)
 		panic("tcp_output: both t_inpcb and t_in6pcb are set");
 #endif
 	so = NULL;
 	ro = NULL;
 	if (tp->t_inpcb) {
 		so = tp->t_inpcb->inp_socket;
 		ro = &tp->t_inpcb->inp_route;
+	}
 #ifdef INET6
 	else if (tp->t_in6pcb) {
 		so = tp->t_in6pcb->in6p_socket;
 		ro = &tp->t_in6pcb->in6p_route;
+	}
 #endif
 	switch (af = tp->t_family) {
 #ifdef INET
 	case AF_INET:
 		if (tp->t_inpcb)
 			break;
 #ifdef INET6
 		/* mapped addr case */
 		if (tp->t_in6pcb)
 			break;
 #endif
 		return (EINVAL);
 #endif
 #ifdef INET6
 	case AF_INET6:
 		if (tp->t_in6pcb)
 			break;
 		return (EINVAL);
 #endif
 	default:
 		return (EAFNOSUPPORT);
+	}
 	if (tcp_segsize(tp, &txsegsize, &rxsegsize, &alwaysfrag))
 		return (EMSGSIZE);
 	idle = (tp->snd_max == tp->snd_una);
 	/*
 	 * Determine if we can use TCP segmentation offload:
 	 * - If we're using IPv4
 	 * - If there is not an IPsec policy that prevents it
 	 * - If the interface can do it
 	 */
 	has_tso4 = has_tso6 = false;
 #if defined(INET)
 	has_tso4 = tp->t_inpcb != NULL &&
 #if defined(IPSEC) || defined(FAST_IPSEC)
 		  IPSEC_PCB_SKIP_IPSEC(tp->t_inpcb->inp_sp,
 		  		       IPSEC_DIR_OUTBOUND) &&
 #endif
 		  (rt = rtcache_validate(&tp->t_inpcb->inp_route)) != NULL &&
 		  (rt->rt_ifp->if_capenable & IFCAP_TSOv4) != 0;
 #endif /* defined(INET) */
 #if defined(INET6)
 	has_tso6 = tp->t_in6pcb != NULL &&
 #if defined(IPSEC) || defined(FAST_IPSEC)
 		  IPSEC_PCB_SKIP_IPSEC(tp->t_in6pcb->in6p_sp,
 		  		       IPSEC_DIR_OUTBOUND) &&
 #endif
 		  (rt = rtcache_validate(&tp->t_in6pcb->in6p_route)) != NULL &&
 		  (rt->rt_ifp->if_capenable & IFCAP_TSOv6) != 0;
 #endif /* defined(INET6) */
 	has_tso = (has_tso4 || has_tso6) && !alwaysfrag;
 	/*
 	 * Restart Window computation.  From draft-floyd-incr-init-win-03:
+	 *
 	 *	Optionally, a TCP MAY set the restart window to the
 	 *	minimum of the value used for the initial window and
 	 *	the current value of cwnd (in other words, using a
 	 *	larger value for the restart window should never increase
 	 *	the size of cwnd).
 	 */
 	if (tcp_cwm) {
 		/*
 		 * Hughes/Touch/Heidemann Congestion Window Monitoring.
 		 * Count the number of packets currently pending
 		 * acknowledgement, and limit our congestion window
 		 * to a pre-determined allowed burst size plus that count.
 		 * This prevents bursting once all pending packets have
 		 * been acknowledged (i.e. transmission is idle).
+		 *
 		 * XXX Link this to Initial Window?
 		 */
 		tp->snd_cwnd = min(tp->snd_cwnd,
 		    (tcp_cwm_burstsize * txsegsize) +
 		    (tp->snd_nxt - tp->snd_una));
 	} else {
 		if (idle && (tcp_now - tp->t_rcvtime) >= tp->t_rxtcur) {
 			/*
 			 * We have been idle for "a while" and no acks are
 			 * expected to clock out any data we send --
 			 * slow start to get ack "clock" running again.
 			 */
 			int ss = tcp_init_win;
 #ifdef INET
 			if (tp->t_inpcb &&
 			    in_localaddr(tp->t_inpcb->inp_faddr))
 				ss = tcp_init_win_local;
 #endif
 #ifdef INET6
 			if (tp->t_in6pcb &&
 			    in6_localaddr(&tp->t_in6pcb->in6p_faddr))
 				ss = tcp_init_win_local;
 #endif
 			tp->snd_cwnd = min(tp->snd_cwnd,
 			    TCP_INITIAL_WINDOW(ss, txsegsize));
+		}
+	}
 	txsegsize_nosack = txsegsize;
 again:
 	ecn_tos = 0;
 	use_tso = has_tso;
 	if ((tp->t_flags & (TF_ECN_SND_CWR|TF_ECN_SND_ECE)) != 0) {
 		/* don't duplicate CWR/ECE. */
 		use_tso = 0;
+	}
 	TCP_REASS_LOCK(tp);
 	sack_numblks = tcp_sack_numblks(tp);
 	if (sack_numblks) {
 		int sackoptlen;
 		sackoptlen = TCP_SACK_OPTLEN(sack_numblks);
 		if (sackoptlen > txsegsize_nosack) {
 			sack_numblks = 0; /* give up SACK */
 			txsegsize = txsegsize_nosack;
 		} else {
 			if ((tp->rcv_sack_flags & TCPSACK_HAVED) != 0) {
 				/* don't duplicate D-SACK. */
 				use_tso = 0;
+			}
 			txsegsize = txsegsize_nosack - sackoptlen;
+		}
 	} else {
 		txsegsize = txsegsize_nosack;
+	}
 	/*
 	 * Determine length of data that should be transmitted, and
 	 * flags that should be used.  If there is some data or critical
 	 * controls (SYN, RST) to send, then transmit; otherwise,
 	 * investigate further.
+	 *
 	 * Readjust SACK information to avoid resending duplicate data.
 	 */
 	if (TCP_SACK_ENABLED(tp) && SEQ_LT(tp->snd_nxt, tp->snd_max))
 		tcp_sack_adjust(tp);
 	sendalot = 0;
 	off = tp->snd_nxt - tp->snd_una;
 	win = min(tp->snd_wnd, tp->snd_cwnd);
 	flags = tcp_outflags[tp->t_state];
 	/*
 	 * Send any SACK-generated retransmissions.  If we're explicitly trying
 	 * to send out new data (when sendalot is 1), bypass this function.
 	 * If we retransmit in fast recovery mode, decrement snd_cwnd, since
 	 * we're replacing a (future) new transmission with a retransmission
 	 * now, and we previously incremented snd_cwnd in tcp_input().
 	 */
 	/*
 	 * Still in sack recovery , reset rxmit flag to zero.
 	 */
 	sack_rxmit = 0;
 	sack_bytes_rxmt = 0;
 	len = 0;
 	p = NULL;
 	do {
 		long cwin;
 		if (!TCP_SACK_ENABLED(tp))
 			break;
 		if (tp->t_partialacks < 0)
 			break;
 		p = tcp_sack_output(tp, &sack_bytes_rxmt);
 		if (p == NULL)
 			break;
 		cwin = min(tp->snd_wnd, tp->snd_cwnd) - sack_bytes_rxmt;
 		if (cwin < 0)
 			cwin = 0;
 		/* Do not retransmit SACK segments beyond snd_recover */
 		if (SEQ_GT(p->end, tp->snd_recover)) {
 			/*
 			 * (At least) part of sack hole extends beyond
 			 * snd_recover. Check to see if we can rexmit data
 			 * for this hole.
 			 */
 			if (SEQ_GEQ(p->rxmit, tp->snd_recover)) {
 				/*
 				 * Can't rexmit any more data for this hole.
 				 * That data will be rexmitted in the next
 				 * sack recovery episode, when snd_recover
 				 * moves past p->rxmit.
 				 */
 				p = NULL;
 				break;
+			}
 			/* Can rexmit part of the current hole */
 			len = ((long)ulmin(cwin, tp->snd_recover - p->rxmit));
 		} else
 			len = ((long)ulmin(cwin, p->end - p->rxmit));
 		off = p->rxmit - tp->snd_una;
 		if (off + len > so->so_snd.sb_cc) {
 			/* 1 for TH_FIN */
 			KASSERT(off + len == so->so_snd.sb_cc + 1);
 			KASSERT(p->rxmit + len == tp->snd_max);
 			len = so->so_snd.sb_cc - off;
+		}
 		if (len > 0) {
 			sack_rxmit = 1;
 			sendalot = 1;
+		}
 	} while (/*CONSTCOND*/0);
 	/*
 	 * If in persist timeout with window of 0, send 1 byte.
 	 * Otherwise, if window is small but nonzero
 	 * and timer expired, we will send what we can
 	 * and go to transmit state.
 	 */
 	if (tp->t_force) {
 		if (win == 0) {
 			/*
 			 * If we still have some data to send, then
 			 * clear the FIN bit.  Usually this would
 			 * happen below when it realizes that we
 			 * aren't sending all the data.  However,
 			 * if we have exactly 1 byte of unset data,
 			 * then it won't clear the FIN bit below,
 			 * and if we are in persist state, we wind
 			 * up sending the packet without recording
 			 * that we sent the FIN bit.
+			 *
 			 * We can't just blindly clear the FIN bit,
 			 * because if we don't have any more data
 			 * to send then the probe will be the FIN
 			 * itself.
 			 */
 			if (off < so->so_snd.sb_cc)
 				flags &= ~TH_FIN;
 			win = 1;
 		} else {
 			TCP_TIMER_DISARM(tp, TCPT_PERSIST);
 			tp->t_rxtshift = 0;
+		}
+	}
 	if (sack_rxmit == 0) {
 		if (TCP_SACK_ENABLED(tp) && tp->t_partialacks >= 0) {
 			long cwin;
 			/*
 			 * We are inside of a SACK recovery episode and are
 			 * sending new data, having retransmitted all the
 			 * data possible in the scoreboard.
 			 */
 			if (tp->snd_wnd < so->so_snd.sb_cc) {
 				len = tp->snd_wnd - off;
 				flags &= ~TH_FIN;
 			} else {
 				len = so->so_snd.sb_cc - off;
+			}
 			/*
 			 * From FreeBSD:
 			 *  Don't remove this (len > 0) check !
 			 *  We explicitly check for len > 0 here (although it
 			 *  isn't really necessary), to work around a gcc
 			 *  optimization issue - to force gcc to compute
 			 *  len above. Without this check, the computation
 			 *  of len is bungled by the optimizer.
 			 */
 			if (len > 0) {
 				cwin = tp->snd_cwnd -
 				    (tp->snd_nxt - tp->sack_newdata) -
 				    sack_bytes_rxmt;
 				if (cwin < 0)
 					cwin = 0;
 				if (cwin < len) {
 					len = cwin;
 					flags &= ~TH_FIN;
+				}
+			}
 		} else if (win < so->so_snd.sb_cc) {
 			len = win - off;
 			flags &= ~TH_FIN;
 		} else {
 			len = so->so_snd.sb_cc - off;
+		}
+	}
 	if (len < 0) {
 		/*
 		 * If FIN has been sent but not acked,
 		 * but we haven't been called to retransmit,
 		 * len will be -1.  Otherwise, window shrank
 		 * after we sent into it.  If window shrank to 0,
 		 * cancel pending retransmit, pull snd_nxt back
 		 * to (closed) window, and set the persist timer
 		 * if it isn't already going.  If the window didn't
 		 * close completely, just wait for an ACK.
+		 *
 		 * If we have a pending FIN, either it has already been
 		 * transmitted or it is outside the window, so drop it.
 		 * If the FIN has been transmitted, but this is not a
 		 * retransmission, then len must be -1.  Therefore we also
 		 * prevent here the sending of `gratuitous FINs'.  This
 		 * eliminates the need to check for that case below (e.g.
 		 * to back up snd_nxt before the FIN so that the sequence
 		 * number is correct).
 		 */
 		len = 0;
 		flags &= ~TH_FIN;
 		if (win == 0) {
 			TCP_TIMER_DISARM(tp, TCPT_REXMT);
 			tp->t_rxtshift = 0;
 			tp->snd_nxt = tp->snd_una;
 			if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0)
 				tcp_setpersist(tp);
+		}
+	}
 	/*
 	 * Automatic sizing enables the performance of large buffers
 	 * and most of the efficiency of small ones by only allocating
 	 * space when it is needed.
+	 *
 	 * The criteria to step up the send buffer one notch are:
 	 *  1. receive window of remote host is larger than send buffer
 	 *     (with a fudge factor of 5/4th);
 	 *  2. send buffer is filled to 7/8th with data (so we actually
 	 *     have data to make use of it);
 	 *  3. send buffer fill has not hit maximal automatic size;
 	 *  4. our send window (slow start and cogestion controlled) is
 	 *     larger than sent but unacknowledged data in send buffer.
+	 *
 	 * The remote host receive window scaling factor may limit the
 	 * growing of the send buffer before it reaches its allowed
 	 * maximum.
+	 *
 	 * It scales directly with slow start or congestion window
 	 * and does at most one step per received ACK.  This fast
 	 * scaling has the drawback of growing the send buffer beyond
 	 * what is strictly necessary to make full use of a given
 	 * delay*bandwith product.  However testing has shown this not
 	 * to be much of an problem.  At worst we are trading wasting
 	 * of available bandwith (the non-use of it) for wasting some
 	 * socket buffer memory.
+	 *
 	 * TODO: Shrink send buffer during idle periods together
 	 * with congestion window.  Requires another timer.
 	 */
 	if (tcp_do_autosndbuf && so->so_snd.sb_flags & SB_AUTOSIZE) {
 		if ((tp->snd_wnd / 4 * 5) >= so->so_snd.sb_hiwat &&
 		    so->so_snd.sb_cc >= (so->so_snd.sb_hiwat / 8 * 7) &&
 		    so->so_snd.sb_cc < tcp_autosndbuf_max &&
 		    win >= (so->so_snd.sb_cc - (tp->snd_nxt - tp->snd_una))) {
 			if (!sbreserve(&so->so_snd,
 			    min(so->so_snd.sb_hiwat + tcp_autosndbuf_inc,
 			     tcp_autosndbuf_max), so))
 				so->so_snd.sb_flags &= ~SB_AUTOSIZE;
+		}
+	}
 	if (len > txsegsize) {
 		if (use_tso) {
 			/*
 			 * Truncate TSO transfers to IP_MAXPACKET, and make
 			 * sure that we send equal size transfers down the
 			 * stack (rather than big-small-big-small-...).
 			 */
 #ifdef INET6
 #if IPV6_MAXPACKET != IP_MAXPACKET
 #error IPV6_MAXPACKET != IP_MAXPACKET
 #endif
 #endif
 			len = (min(len, IP_MAXPACKET) / txsegsize) * txsegsize;
 			if (len <= txsegsize) {
 				use_tso = 0;
+			}
 		} else
 			len = txsegsize;
 		flags &= ~TH_FIN;
 		sendalot = 1;
 	} else
 		use_tso = 0;
 	if (sack_rxmit) {
 		if (SEQ_LT(p->rxmit + len, tp->snd_una + so->so_snd.sb_cc))
 			flags &= ~TH_FIN;
+	}
 	win = sbspace(&so->so_rcv);
 	/*
 	 * Sender silly window avoidance.  If connection is idle
 	 * and can send all data, a maximum segment,
 	 * at least a maximum default-size segment do it,
 	 * or are forced, do it; otherwise don't bother.
 	 * If peer's buffer is tiny, then send
 	 * when window is at least half open.
 	 * If retransmitting (possibly after persist timer forced us
 	 * to send into a small window), then must resend.
 	 */
 	if (len) {
 		if (len >= txsegsize)
 			goto send;
 		if ((so->so_state & SS_MORETOCOME) == 0 &&
 		    ((idle || tp->t_flags & TF_NODELAY) &&
 		     len + off >= so->so_snd.sb_cc))
 			goto send;
 		if (tp->t_force)
 			goto send;
 		if (len >= tp->max_sndwnd / 2)
 			goto send;
 		if (SEQ_LT(tp->snd_nxt, tp->snd_max))
 			goto send;
 		if (sack_rxmit)
 			goto send;
+	}
 	/*
 	 * Compare available window to amount of window known to peer
 	 * (as advertised window less next expected input).  If the
 	 * difference is at least twice the size of the largest segment
 	 * we expect to receive (i.e. two segments) or at least 50% of
 	 * the maximum possible window, then want to send a window update
 	 * to peer.
 	 */
 	if (win > 0) {
 		/*
 		 * "adv" is the amount we can increase the window,
 		 * taking into account that we are limited by
 		 * TCP_MAXWIN << tp->rcv_scale.
 		 */
 		long adv = min(win, (long)TCP_MAXWIN << tp->rcv_scale) -
 			(tp->rcv_adv - tp->rcv_nxt);
 		if (adv >= (long) (2 * rxsegsize))
 			goto send;
 		if (2 * adv >= (long) so->so_rcv.sb_hiwat)
 			goto send;
+	}
 	/*
 	 * Send if we owe peer an ACK.
 	 */
 	if (tp->t_flags & TF_ACKNOW)
 		goto send;
 	if (flags & (TH_SYN|TH_FIN|TH_RST))
 		goto send;
 	if (SEQ_GT(tp->snd_up, tp->snd_una))
 		goto send;
 	/*
 	 * In SACK, it is possible for tcp_output to fail to send a segment
 	 * after the retransmission timer has been turned off.  Make sure
 	 * that the retransmission timer is set.
 	 */
 	if (TCP_SACK_ENABLED(tp) && SEQ_GT(tp->snd_max, tp->snd_una) &&
 	    !TCP_TIMER_ISARMED(tp, TCPT_REXMT) &&
 	    !TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) {
 		TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur);
 		goto just_return;
+	}
 	/*
 	 * TCP window updates are not reliable, rather a polling protocol
 	 * using ``persist'' packets is used to insure receipt of window
 	 * updates.  The three ``states'' for the output side are:
 	 *	idle			not doing retransmits or persists
 	 *	persisting		to move a small or zero window
 	 *	(re)transmitting	and thereby not persisting
+	 *
 	 * tp->t_timer[TCPT_PERSIST]
 	 *	is set when we are in persist state.
 	 * tp->t_force
 	 *	is set when we are called to send a persist packet.
 	 * tp->t_timer[TCPT_REXMT]
 	 *	is set when we are retransmitting
 	 * The output side is idle when both timers are zero.
+	 *
 	 * If send window is too small, there is data to transmit, and no
 	 * retransmit or persist is pending, then go to persist state.
 	 * If nothing happens soon, send when timer expires:
 	 * if window is nonzero, transmit what we can,
 	 * otherwise force out a byte.
 	 */
 	if (so->so_snd.sb_cc && TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 &&
 	    TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) {
 		tp->t_rxtshift = 0;
 		tcp_setpersist(tp);
+	}
 	/*
 	 * No reason to send a segment, just return.
 	 */
 just_return:
 	TCP_REASS_UNLOCK(tp);
 	return (0);
 send:
 	/*
 	 * Before ESTABLISHED, force sending of initial options
 	 * unless TCP set not to do any options.
 	 * NOTE: we assume that the IP/TCP header plus TCP options
 	 * always fit in a single mbuf, leaving room for a maximum
 	 * link header, i.e.
 	 *	max_linkhdr + sizeof (struct tcpiphdr) + optlen <= MCLBYTES
 	 */
 	optlen = 0;
 	switch (af) {
 #ifdef INET
 	case AF_INET:
 		iphdrlen = sizeof(struct ip) + sizeof(struct tcphdr);
 		break;
 #endif
 #ifdef INET6
 	case AF_INET6:
 		iphdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr);
 		break;
 #endif
 	default:	/*pacify gcc*/
 		iphdrlen = 0;
 		break;
+	}
 	hdrlen = iphdrlen;
 	if (flags & TH_SYN) {
 		struct rtentry *synrt;
 		synrt = NULL;
 #ifdef INET
 		if (tp->t_inpcb)
 			synrt = in_pcbrtentry(tp->t_inpcb);
 #endif
 #ifdef INET6
 		if (tp->t_in6pcb)
 			synrt = in6_pcbrtentry(tp->t_in6pcb);
 #endif
 		tp->snd_nxt = tp->iss;
 		tp->t_ourmss = tcp_mss_to_advertise(synrt != NULL ?
 						    synrt->rt_ifp : NULL, af);
 		if ((tp->t_flags & TF_NOOPT) == 0) {
 			opt[0] = TCPOPT_MAXSEG;
 			opt[1] = 4;
 			opt[2] = (tp->t_ourmss >> 8) & 0xff;
 			opt[3] = tp->t_ourmss & 0xff;
 			optlen = 4;
 			if ((tp->t_flags & TF_REQ_SCALE) &&
 			    ((flags & TH_ACK) == 0 ||
 			    (tp->t_flags & TF_RCVD_SCALE))) {
 				*((u_int32_t *) (opt + optlen)) = htonl(
 					TCPOPT_NOP << 24 |
 					TCPOPT_WINDOW << 16 |
 					TCPOLEN_WINDOW << 8 |
 					tp->request_r_scale);
 				optlen += 4;
+			}
 			if (tcp_do_sack) {
 				u_int8_t *cp = (u_int8_t *)(opt + optlen);
 				cp[0] = TCPOPT_SACK_PERMITTED;
 				cp[1] = 2;
 				cp[2] = TCPOPT_NOP;
 				cp[3] = TCPOPT_NOP;
 				optlen += 4;
+			}
+		}
+	}
 	/*
 	 * Send a timestamp and echo-reply if this is a SYN and our side
 	 * wants to use timestamps (TF_REQ_TSTMP is set) or both our side
 	 * and our peer have sent timestamps in our SYN's.
 	 */
 	if ((tp->t_flags & (TF_REQ_TSTMP|TF_NOOPT)) == TF_REQ_TSTMP &&
 	     (flags & TH_RST) == 0 &&
 	    ((flags & (TH_SYN|TH_ACK)) == TH_SYN ||
 	     (tp->t_flags & TF_RCVD_TSTMP))) {
 		u_int32_t *lp = (u_int32_t *)(opt + optlen);
 		/* Form timestamp option as shown in appendix A of RFC 1323. */
 		*lp++ = htonl(TCPOPT_TSTAMP_HDR);
 		*lp++ = htonl(TCP_TIMESTAMP(tp));
 		*lp   = htonl(tp->ts_recent);
 		optlen += TCPOLEN_TSTAMP_APPA;
 		/* Set receive buffer autosizing timestamp. */
 		if (tp->rfbuf_ts == 0 && (so->so_rcv.sb_flags & SB_AUTOSIZE))
 			tp->rfbuf_ts = TCP_TIMESTAMP(tp);
+	}
 	/*
 	 * Tack on the SACK block if it is necessary.
 	 */
 	if (sack_numblks) {
 		int sack_len;
 		u_char *bp = (u_char *)(opt + optlen);
 		u_int32_t *lp = (u_int32_t *)(bp + 4);
 		struct ipqent *tiqe;
 		sack_len = sack_numblks * 8 + 2;
 		bp[0] = TCPOPT_NOP;
 		bp[1] = TCPOPT_NOP;
 		bp[2] = TCPOPT_SACK;
 		bp[3] = sack_len;
 		if ((tp->rcv_sack_flags & TCPSACK_HAVED) != 0) {
 			sack_numblks--;
 			*lp++ = htonl(tp->rcv_dsack_block.left);
 			*lp++ = htonl(tp->rcv_dsack_block.right);
 			tp->rcv_sack_flags &= ~TCPSACK_HAVED;
+		}
 		for (tiqe = TAILQ_FIRST(&tp->timeq);
 		    sack_numblks > 0; tiqe = TAILQ_NEXT(tiqe, ipqe_timeq)) {
 			KASSERT(tiqe != NULL);
 			sack_numblks--;
 			*lp++ = htonl(tiqe->ipqe_seq);
 			*lp++ = htonl(tiqe->ipqe_seq + tiqe->ipqe_len +
 			    ((tiqe->ipqe_flags & TH_FIN) != 0 ? 1 : 0));
+		}
 		optlen += sack_len + 2;
+	}
 	TCP_REASS_UNLOCK(tp);
 #ifdef TCP_SIGNATURE
 	if (tp->t_flags & TF_SIGNATURE) {
 		u_char *bp;
 		/*
 		 * Initialize TCP-MD5 option (RFC2385)
 		 */
 		bp = (u_char *)opt + optlen;
 		*bp++ = TCPOPT_SIGNATURE;
 		*bp++ = TCPOLEN_SIGNATURE;
 		sigoff = optlen + 2;
 		bzero(bp, TCP_SIGLEN);
 		bp += TCP_SIGLEN;
 		optlen += TCPOLEN_SIGNATURE;
 		/*
 		 * Terminate options list and maintain 32-bit alignment.
  		 */
 		*bp++ = TCPOPT_NOP;
 		*bp++ = TCPOPT_EOL;
  		optlen += 2;
+ 	}
 #endif /* TCP_SIGNATURE */
 	hdrlen += optlen;
 #ifdef DIAGNOSTIC
 	if (!use_tso && len > txsegsize)
 		panic("tcp data to be sent is larger than segment");
 	else if (use_tso && len > IP_MAXPACKET)
 		panic("tcp data to be sent is larger than max TSO size");
 	if (max_linkhdr + hdrlen > MCLBYTES)
 		panic("tcphdr too big");
 #endif
 	/*
 	 * Grab a header mbuf, attaching a copy of data to
 	 * be transmitted, and initialize the header from
 	 * the template for sends on this connection.
 	 */
 	if (len) {
 		error = tcp_build_datapkt(tp, so, off, len, hdrlen, &m);
 		if (error)
 			goto out;
 		/*
 		 * If we're sending everything we've got, set PUSH.
 		 * (This will keep happy those implementations which only
 		 * give data to the user when a buffer fills or
 		 * a PUSH comes in.)
 		 */
 		if (off + len == so->so_snd.sb_cc)
 			flags |= TH_PUSH;
 	} else {
 		tcps = TCP_STAT_GETREF();
 		if (tp->t_flags & TF_ACKNOW)
 			tcps[TCP_STAT_SNDACKS]++;
 		else if (flags & (TH_SYN|TH_FIN|TH_RST))
 			tcps[TCP_STAT_SNDCTRL]++;
 		else if (SEQ_GT(tp->snd_up, tp->snd_una))
 			tcps[TCP_STAT_SNDURG]++;
 		else
 			tcps[TCP_STAT_SNDWINUP]++;
 		TCP_STAT_PUTREF();
 		MGETHDR(m, M_DONTWAIT, MT_HEADER);
 		if (m != NULL && max_linkhdr + hdrlen > MHLEN) {
 			MCLGET(m, M_DONTWAIT);
 			if ((m->m_flags & M_EXT) == 0) {
 				m_freem(m);
 				m = NULL;
+			}
+		}
 		if (m == NULL) {
 			error = ENOBUFS;
 			goto out;
+		}
 		MCLAIM(m, &tcp_tx_mowner);
 		m->m_data += max_linkhdr;
 		m->m_len = hdrlen;
+	}
 	m->m_pkthdr.rcvif = (struct ifnet *)0;
 	switch (af) {
 #ifdef INET
 	case AF_INET:
 		ip = mtod(m, struct ip *);
 #ifdef INET6
 		ip6 = NULL;
 #endif
 		th = (struct tcphdr *)(ip + 1);
 		break;
 #endif
 #ifdef INET6
 	case AF_INET6:
 		ip = NULL;
 		ip6 = mtod(m, struct ip6_hdr *);
 		th = (struct tcphdr *)(ip6 + 1);
 		break;
 #endif
 	default:	/*pacify gcc*/
 		ip = NULL;
 #ifdef INET6
 		ip6 = NULL;
 #endif
 		th = NULL;
 		break;
+	}
 	if (tp->t_template == 0)
 		panic("tcp_output");
 	if (tp->t_template->m_len < iphdrlen)
 		panic("tcp_output");
 	bcopy(mtod(tp->t_template, void *), mtod(m, void *), iphdrlen);
 	/*
 	 * If we are starting a connection, send ECN setup
 	 * SYN packet. If we are on a retransmit, we may
 	 * resend those bits a number of times as per
 	 * RFC 3168.
 	 */
 	if (tp->t_state == TCPS_SYN_SENT && tcp_do_ecn) {
 		if (tp->t_flags & TF_SYN_REXMT) {
 			if (tp->t_ecn_retries--)
 				flags |= TH_ECE|TH_CWR;
 		} else {
 			flags |= TH_ECE|TH_CWR;
 			tp->t_ecn_retries = tcp_ecn_maxretries;
+		}
+	}
 	if (TCP_ECN_ALLOWED(tp)) {
 		/*
 		 * If the peer has ECN, mark data packets
 		 * ECN capable. Ignore pure ack packets, retransmissions
 		 * and window probes.
 		 */
 		if (len > 0 && SEQ_GEQ(tp->snd_nxt, tp->snd_max) &&
 		    !(tp->t_force && len == 1)) {
 			ecn_tos = IPTOS_ECN_ECT0;
 			TCP_STATINC(TCP_STAT_ECN_ECT);
+		}
 		/*
 		 * Reply with proper ECN notifications.
 		 */
 		if (tp->t_flags & TF_ECN_SND_CWR) {
 			flags |= TH_CWR;
 			tp->t_flags &= ~TF_ECN_SND_CWR;
+		}
 		if (tp->t_flags & TF_ECN_SND_ECE) {
 			flags |= TH_ECE;
+		}
+	}
 	/*
 	 * If we are doing retransmissions, then snd_nxt will
 	 * not reflect the first unsent octet.  For ACK only
 	 * packets, we do not want the sequence number of the
 	 * retransmitted packet, we want the sequence number
 	 * of the next unsent octet.  So, if there is no data
 	 * (and no SYN or FIN), use snd_max instead of snd_nxt
 	 * when filling in ti_seq.  But if we are in persist
 	 * state, snd_max might reflect one byte beyond the
 	 * right edge of the window, so use snd_nxt in that
 	 * case, since we know we aren't doing a retransmission.
 	 * (retransmit and persist are mutually exclusive...)
 	 */
 	if (TCP_SACK_ENABLED(tp) && sack_rxmit) {
 		th->th_seq = htonl(p->rxmit);
 		p->rxmit += len;
 	} else {
 		if (len || (flags & (TH_SYN|TH_FIN)) ||
 		    TCP_TIMER_ISARMED(tp, TCPT_PERSIST))
 			th->th_seq = htonl(tp->snd_nxt);
 		else
 			th->th_seq = htonl(tp->snd_max);
+	}
 	th->th_ack = htonl(tp->rcv_nxt);
 	if (optlen) {
 		bcopy((void *)opt, (void *)(th + 1), optlen);
 		th->th_off = (sizeof (struct tcphdr) + optlen) >> 2;
+	}
 	th->th_flags = flags;
 	/*
 	 * Calculate receive window.  Don't shrink window,
 	 * but avoid silly window syndrome.
 	 */
 	if (win < (long)(so->so_rcv.sb_hiwat / 4) && win < (long)rxsegsize)
 		win = 0;
 	if (win > (long)TCP_MAXWIN << tp->rcv_scale)
 		win = (long)TCP_MAXWIN << tp->rcv_scale;
 	if (win < (long)(int32_t)(tp->rcv_adv - tp->rcv_nxt))
 		win = (long)(int32_t)(tp->rcv_adv - tp->rcv_nxt);
 	th->th_win = htons((u_int16_t) (win>>tp->rcv_scale));
 	if (SEQ_GT(tp->snd_up, tp->snd_nxt)) {
 		u_int32_t urp = tp->snd_up - tp->snd_nxt;
 		if (urp > IP_MAXPACKET)
 			urp = IP_MAXPACKET;
 		th->th_urp = htons((u_int16_t)urp);
 		th->th_flags |= TH_URG;
 	} else
 		/*
 		 * If no urgent pointer to send, then we pull
 		 * the urgent pointer to the left edge of the send window
 		 * so that it doesn't drift into the send window on sequence
 		 * number wraparound.
 		 */
 		tp->snd_up = tp->snd_una;		/* drag it along */
 #ifdef TCP_SIGNATURE
 	if (sigoff && (tp->t_flags & TF_SIGNATURE)) {
 		struct secasvar *sav;
 		u_int8_t *sigp;
 		sav = tcp_signature_getsav(m, th);
 		if (sav == NULL) {
 			if (m)
 				m_freem(m);
 			return (EPERM);
+		}
 		m->m_pkthdr.len = hdrlen + len;
 		sigp = (char *)th + sizeof(*th) + sigoff;
 		tcp_signature(m, th, (char *)th - mtod(m, char *), sav, sigp);
 		key_sa_recordxfer(sav, m);
 #ifdef FAST_IPSEC
 		KEY_FREESAV(&sav);
 #else
 		key_freesav(sav);
 #endif
+	}
 #endif
 	/*
 	 * Set ourselves up to be checksummed just before the packet
 	 * hits the wire.
 	 */
 	switch (af) {
 #ifdef INET
 	case AF_INET:
 		m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum);
 		if (use_tso) {
 			m->m_pkthdr.segsz = txsegsize;
 			m->m_pkthdr.csum_flags = M_CSUM_TSOv4;
 		} else {
 			m->m_pkthdr.csum_flags = M_CSUM_TCPv4;
 			if (len + optlen) {
 				/* Fixup the pseudo-header checksum. */
 				/* XXXJRT Not IP Jumbogram safe. */
 				th->th_sum = in_cksum_addword(th->th_sum,
 				    htons((u_int16_t) (len + optlen)));
+			}
+		}
 		break;
 #endif
 #ifdef INET6
 	case AF_INET6:
 		m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum);
 		if (use_tso) {
 			m->m_pkthdr.segsz = txsegsize;
 			m->m_pkthdr.csum_flags = M_CSUM_TSOv6;
 		} else {
 			m->m_pkthdr.csum_flags = M_CSUM_TCPv6;
 			if (len + optlen) {
 				/* Fixup the pseudo-header checksum. */
 				/* XXXJRT: Not IPv6 Jumbogram safe. */
 				th->th_sum = in_cksum_addword(th->th_sum,
 				    htons((u_int16_t) (len + optlen)));
+			}
+		}
 		break;
 #endif
+	}
 	/*
 	 * In transmit state, time the transmission and arrange for
 	 * the retransmit.  In persist state, just set snd_max.
 	 */
 	if (tp->t_force == 0 || TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) {
 		tcp_seq startseq = tp->snd_nxt;
 		/*
 		 * Advance snd_nxt over sequence space of this segment.
 		 * There are no states in which we send both a SYN and a FIN,
 		 * so we collapse the tests for these flags.
 		 */
 		if (flags & (TH_SYN|TH_FIN))
 			tp->snd_nxt++;
 		if (sack_rxmit)
 			goto timer;
 		tp->snd_nxt += len;
 		if (SEQ_GT(tp->snd_nxt, tp->snd_max)) {
 			tp->snd_max = tp->snd_nxt;
 			/*
 			 * Time this transmission if not a retransmission and
 			 * not currently timing anything.
 			 */
 			if (tp->t_rtttime == 0) {
 				tp->t_rtttime = tcp_now;
 				tp->t_rtseq = startseq;
 				TCP_STATINC(TCP_STAT_SEGSTIMED);
+			}
+		}
 		/*
 		 * Set retransmit timer if not currently set,
 		 * and not doing an ack or a keep-alive probe.
 		 * Initial value for retransmit timer is smoothed
 		 * round-trip time + 2 * round-trip time variance.
 		 * Initialize shift counter which is used for backoff
 		 * of retransmit time.
 		 */
 timer:
-		if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 &&
+		if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0) {
-			((sack_rxmit && tp->snd_nxt != tp->snd_max) ||
+			if ((sack_rxmit && tp->snd_nxt != tp->snd_max)
-		    tp->snd_nxt != tp->snd_una)) {
+			    || tp->snd_nxt != tp->snd_una) {
-			if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) {
+				if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) {
-				TCP_TIMER_DISARM(tp, TCPT_PERSIST);
+					TCP_TIMER_DISARM(tp, TCPT_PERSIST);
 					tp->t_rxtshift = 0;
+				}
 				TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur);
 			} else if (len == 0 && so->so_snd.sb_cc > 0
 			    && TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) {
 				/*
 				 * If we are sending a window probe and there's
 				 * unacked data in the socket, make sure at
 				 * least the persist timer is running.
 				 */
 				tp->t_rxtshift = 0;
 				tcp_setpersist(tp);
+			}
 			TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur);
+		}
 	} else
 		if (SEQ_GT(tp->snd_nxt + len, tp->snd_max))
 			tp->snd_max = tp->snd_nxt + len;
 #ifdef TCP_DEBUG
 	/*
 	 * Trace.
 	 */
 	if (so->so_options & SO_DEBUG)
 		tcp_trace(TA_OUTPUT, tp->t_state, tp, m, 0);
 #endif
 	/*
 	 * Fill in IP length and desired time to live and
 	 * send to IP level.  There should be a better way
 	 * to handle ttl and tos; we could keep them in
 	 * the template, but need a way to checksum without them.
 	 */
 	m->m_pkthdr.len = hdrlen + len;
 	switch (af) {
 #ifdef INET
 	case AF_INET:
 		ip->ip_len = htons(m->m_pkthdr.len);
 		packetlen = m->m_pkthdr.len;
 		if (tp->t_inpcb) {
 			ip->ip_ttl = tp->t_inpcb->inp_ip.ip_ttl;
 			ip->ip_tos = tp->t_inpcb->inp_ip.ip_tos | ecn_tos;
+		}
 #ifdef INET6
 		else if (tp->t_in6pcb) {
 			ip->ip_ttl = in6_selecthlim(tp->t_in6pcb, NULL); /*XXX*/
 			ip->ip_tos = ecn_tos;	/*XXX*/
+		}
 #endif
 		break;
 #endif
 #ifdef INET6
 	case AF_INET6:
 		packetlen = m->m_pkthdr.len;
 		ip6->ip6_nxt = IPPROTO_TCP;
 		if (tp->t_in6pcb) {
 			/*
 			 * we separately set hoplimit for every segment, since
 			 * the user might want to change the value via
 			 * setsockopt. Also, desired default hop limit might
 			 * be changed via Neighbor Discovery.
 			 */
 			ip6->ip6_hlim = in6_selecthlim(tp->t_in6pcb,
 				(rt = rtcache_validate(ro)) != NULL ? rt->rt_ifp
 				                                    : NULL);
+		}
 		ip6->ip6_flow |= htonl(ecn_tos << 20);
 		/* ip6->ip6_flow = ??? (from template) */
 		/* ip6_plen will be filled in ip6_output(). */
 		break;
 #endif
 	default:	/*pacify gcc*/
 		packetlen = 0;
 		break;
+	}
 	switch (af) {
 #ifdef INET
 	case AF_INET:
+	    {
 		struct mbuf *opts;
 		if (tp->t_inpcb)
 			opts = tp->t_inpcb->inp_options;
 		else
 			opts = NULL;
 		error = ip_output(m, opts, ro,
 			(tp->t_mtudisc ? IP_MTUDISC : 0) |
 			(so->so_options & SO_DONTROUTE),
 			(struct ip_moptions *)0, so);
 		break;
+	    }
 #endif
 #ifdef INET6
 	case AF_INET6:
+	    {
 		struct ip6_pktopts *opts;
 		if (tp->t_in6pcb)
 			opts = tp->t_in6pcb->in6p_outputopts;
 		else
 			opts = NULL;
 		error = ip6_output(m, opts, ro, so->so_options & SO_DONTROUTE,
 			NULL, so, NULL);
 		break;
+	    }
 #endif
 	default:
 		error = EAFNOSUPPORT;
 		break;
+	}
 	if (error) {
 out:
 		if (error == ENOBUFS) {
 			TCP_STATINC(TCP_STAT_SELFQUENCH);
 #ifdef INET
 			if (tp->t_inpcb)
 				tcp_quench(tp->t_inpcb, 0);
 #endif
 #ifdef INET6
 			if (tp->t_in6pcb)
 				tcp6_quench(tp->t_in6pcb, 0);
 #endif
 			error = 0;
 		} else if ((error == EHOSTUNREACH || error == ENETDOWN) &&
 		    TCPS_HAVERCVDSYN(tp->t_state)) {
 			tp->t_softerror = error;
 			error = 0;
+		}
 		/* Back out the seqence number advance. */
 		if (sack_rxmit)
 			p->rxmit -= len;
 		/* Restart the delayed ACK timer, if necessary. */
 		if (tp->t_flags & TF_DELACK)
 			TCP_RESTART_DELACK(tp);
 		return (error);
+	}
 	if (packetlen > tp->t_pmtud_mtu_sent)
 		tp->t_pmtud_mtu_sent = packetlen;
 	tcps = TCP_STAT_GETREF();
 	tcps[TCP_STAT_SNDTOTAL]++;
 	if (tp->t_flags & TF_DELACK)
 		tcps[TCP_STAT_DELACK]++;
 	TCP_STAT_PUTREF();
 	/*
 	 * Data sent (as far as we can tell).
 	 * If this advertises a larger window than any other segment,
 	 * then remember the size of the advertised window.
 	 * Any pending ACK has now been sent.
 	 */
 	if (win > 0 && SEQ_GT(tp->rcv_nxt+win, tp->rcv_adv))
 		tp->rcv_adv = tp->rcv_nxt + win;
 	tp->last_ack_sent = tp->rcv_nxt;
 	tp->t_flags &= ~TF_ACKNOW;
 	TCP_CLEAR_DELACK(tp);
 #ifdef DIAGNOSTIC
 	if (maxburst < 0)
 		printf("tcp_output: maxburst exceeded by %d\n", -maxburst);
 #endif
 	if (sendalot && (tp->t_congctl == &tcp_reno_ctl || --maxburst))
 		goto again;
 	return (0);
+}
 void
 tcp_setpersist(struct tcpcb *tp)
+{
 	int t = ((tp->t_srtt >> 2) + tp->t_rttvar) >> (1 + 2);
 	int nticks;
 	if (TCP_TIMER_ISARMED(tp, TCPT_REXMT))
 		panic("tcp_output REXMT");
 	/*
 	 * Start/restart persistance timer.
 	 */
 	if (t < tp->t_rttmin)
 		t = tp->t_rttmin;
 	TCPT_RANGESET(nticks, t * tcp_backoff[tp->t_rxtshift],
 	    TCPTV_PERSMIN, TCPTV_PERSMAX);
 	TCP_TIMER_ARM(tp, TCPT_PERSIST, nticks);
 	if (tp->t_rxtshift < TCP_MAXRXTSHIFT)
 		tp->t_rxtshift++;
+}