 @@ -1,14 +1,14 @@
-/*	$NetBSD: if_stf.c,v 1.83 2016/01/20 21:43:59 riastradh Exp $	*/
+/*	$NetBSD: if_stf.c,v 1.84 2016/01/22 05:15:10 riastradh Exp $	*/
 /*	$KAME: if_stf.c,v 1.62 2001/06/07 22:32:16 itojun Exp $ */
 /*
  * Copyright (C) 2000 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
 @@ -65,45 +65,44 @@
  * Even if we assign link-locals to interface, we cannot really
  * use link-local unicast/multicast on top of 6to4 cloud (since there's no
  * encapsulation defined for link-local address), and the above analysis does
  * not change.  RFC3056 does not mandate the assignment of link-local address
  * either.
+ *
  * 6to4 interface has security issues.  Refer to
  * http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
  * for details.  The code tries to filter out some of malicious packets.
  * Note that there is no way to be 100% secure.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_stf.c,v 1.83 2016/01/20 21:43:59 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_stf.c,v 1.84 2016/01/22 05:15:10 riastradh Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
 #endif
 #ifndef INET6
 	#error "pseudo-device stf requires options INET6"
 #endif
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/socket.h>
 #include <sys/sockio.h>
 #include <sys/mbuf.h>
 #include <sys/errno.h>
 #include <sys/ioctl.h>
 #include <sys/proc.h>
 #include <sys/protosw.h>
 #include <sys/queue.h>
 #include <sys/syslog.h>
 #include <sys/cpu.h>
 #include <net/if.h>
 #include <net/route.h>
 #include <net/netisr.h>
 #include <net/if_types.h>
 #include <net/if_stf.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 @@ -146,38 +145,29 @@ static LIST_HEAD(, stf_softc) stf_softc_
 static int	stf_clone_create(struct if_clone *, int);
 static int	stf_clone_destroy(struct ifnet *);
 struct if_clone stf_cloner =
     IF_CLONE_INITIALIZER("stf", stf_clone_create, stf_clone_destroy);
 #if NGIF > 0
 extern int ip_gif_ttl;	/*XXX*/
 #else
 static int ip_gif_ttl = 40;	/*XXX*/
 #endif
-extern struct domain inetdomain;
+static const struct encapsw in_stf_encapsw = {
 	.en_input	= in_stf_input,
-static const struct protosw in_stf_protosw =
+	.en_ctlinput	= NULL,
 	.pr_type	= SOCK_RAW,
 	.pr_domain	= &inetdomain,
 	.pr_protocol	= IPPROTO_IPV6,
 	.pr_flags	= PR_ATOMIC|PR_ADDR,
 	.pr_input	= in_stf_input,
 	.pr_ctlinput	= NULL,
 	.pr_ctloutput	= rip_ctloutput,
 	.pr_usrreqs	= &rip_usrreqs,
 };
 static int stf_encapcheck(struct mbuf *, int, int, void *);
 static struct in6_ifaddr *stf_getsrcifa6(struct ifnet *);
 static int stf_output(struct ifnet *, struct mbuf *, const struct sockaddr *,
 	struct rtentry *);
 static int isrfc1918addr(const struct in_addr *);
 static int stf_checkaddr4(struct stf_softc *, const struct in_addr *,
 	struct ifnet *);
 static int stf_checkaddr6(struct stf_softc *, const struct in6_addr *,
 	struct ifnet *);
 static void stf_rtrequest(int, struct rtentry *, const struct rt_addrinfo *);
 static int stf_ioctl(struct ifnet *, u_long, void *);
 @@ -196,27 +186,27 @@ stf_clone_create(struct if_clone *ifc, i
+{
 	struct stf_softc *sc;
 	if (LIST_FIRST(&stf_softc_list) != NULL) {
 		/* Only one stf interface is allowed. */
 		return (EEXIST);
+	}
 	sc = malloc(sizeof(struct stf_softc), M_DEVBUF, M_WAIT|M_ZERO);
 	if_initname(&sc->sc_if, ifc->ifc_name, unit);
 	sc->encap_cookie = encap_attach_func(AF_INET, IPPROTO_IPV6,
-	    stf_encapcheck, &in_stf_protosw, sc);
+	    stf_encapcheck, &in_stf_encapsw, sc);
 	if (sc->encap_cookie == NULL) {
 		printf("%s: unable to attach encap\n", if_name(&sc->sc_if));
 		free(sc, M_DEVBUF);
 		return (EIO);	/* XXX */
+	}
 	sc->sc_if.if_mtu    = STF_MTU;
 	sc->sc_if.if_flags  = 0;
 	sc->sc_if.if_ioctl  = stf_ioctl;
 	sc->sc_if.if_output = stf_output;
 	sc->sc_if.if_type   = IFT_STF;
 	sc->sc_if.if_dlt    = DLT_NULL;
 	if_attach(&sc->sc_if);

 @@ -1,14 +1,14 @@
-/*	$NetBSD: in_gif.c,v 1.69 2016/01/20 21:43:59 riastradh Exp $	*/
+/*	$NetBSD: in_gif.c,v 1.70 2016/01/22 05:15:10 riastradh Exp $	*/
 /*	$KAME: in_gif.c,v 1.66 2001/07/29 04:46:09 itojun Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
 @@ -21,41 +21,40 @@
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in_gif.c,v 1.69 2016/01/20 21:43:59 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in_gif.c,v 1.70 2016/01/22 05:15:10 riastradh Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
 #endif
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/socket.h>
 #include <sys/sockio.h>
 #include <sys/mbuf.h>
 #include <sys/errno.h>
 #include <sys/ioctl.h>
 #include <sys/syslog.h>
 #include <sys/protosw.h>
 #include <sys/kernel.h>
 #include <net/if.h>
 #include <net/route.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 #include <netinet/ip_var.h>
 #include <netinet/in_gif.h>
 #include <netinet/in_var.h>
 #include <netinet/ip_encap.h>
 #include <netinet/ip_ecn.h>
 @@ -69,35 +68,29 @@ __KERNEL_RCSID(0, "$NetBSD: in_gif.c,v 1
 #include "gif.h"
 #include <net/net_osdep.h>
 static int gif_validate4(const struct ip *, struct gif_softc *,
 	struct ifnet *);
 #if NGIF > 0
 int ip_gif_ttl = GIF_TTL;
 #else
 int ip_gif_ttl = 0;
 #endif
-static const struct protosw in_gif_protosw = {
+static const struct encapsw in_gif_encapsw = {
-	.pr_type	= SOCK_RAW,
+	.en_input	= in_gif_input,
-	.pr_domain	= &inetdomain,
+	.en_ctlinput	= NULL,
 	.pr_protocol	= 0 /* IPPROTO_IPV[46] */,
 	.pr_flags	= PR_ATOMIC|PR_ADDR,
 	.pr_input	= in_gif_input,
 	.pr_ctlinput	= NULL,
 	.pr_ctloutput	= rip_ctloutput,
 	.pr_usrreqs	= &rip_usrreqs,
 };
 int
 in_gif_output(struct ifnet *ifp, int family, struct mbuf *m)
+{
 	struct rtentry *rt;
 	struct gif_softc *sc = ifp->if_softc;
 	struct sockaddr_in *sin_src = satosin(sc->gif_psrc);
 	struct sockaddr_in *sin_dst = satosin(sc->gif_pdst);
 	struct ip iphdr;	/* capsule IP header, host byte ordered */
 	int proto, error;
 	u_int8_t tos;
 	union {
 @@ -371,30 +364,30 @@ int
 in_gif_attach(struct gif_softc *sc)
+{
 #ifndef GIF_ENCAPCHECK
 	struct sockaddr_in mask4;
 	memset(&mask4, 0, sizeof(mask4));
 	mask4.sin_len = sizeof(struct sockaddr_in);
 	mask4.sin_addr.s_addr = ~0;
 	if (!sc->gif_psrc || !sc->gif_pdst)
 		return EINVAL;
 	sc->encap_cookie4 = encap_attach(AF_INET, -1, sc->gif_psrc,
 	    (struct sockaddr *)&mask4, sc->gif_pdst, (struct sockaddr *)&mask4,
-	    (const struct protosw *)&in_gif_protosw, sc);
+	    &in_gif_encapsw, sc);
 #else
 	sc->encap_cookie4 = encap_attach_func(AF_INET, -1, gif_encapcheck,
-	    &in_gif_protosw, sc);
+	    &in_gif_encapsw, sc);
 #endif
 	if (sc->encap_cookie4 == NULL)
 		return EEXIST;
 	return 0;
+}
 int
 in_gif_detach(struct gif_softc *sc)
+{
 	int error;
 	error = encap_detach(sc->encap_cookie4);
 	if (error == 0)

 @@ -1,14 +1,14 @@
-/*	$NetBSD: ip_encap.c,v 1.48 2016/01/20 05:58:49 knakahara Exp $	*/
+/*	$NetBSD: ip_encap.c,v 1.49 2016/01/22 05:15:10 riastradh Exp $	*/
 /*	$KAME: ip_encap.c,v 1.73 2001/10/02 08:30:58 itojun Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
 @@ -57,27 +57,27 @@
  */
 /* XXX is M_NETADDR correct? */
 /*
  * The code will use radix table for tunnel lookup, for
  * tunnels registered with encap_attach() with a addr/mask pair.
  * Faster on machines with thousands of tunnel registerations (= interfaces).
+ *
  * The code assumes that radix table code can handle non-continuous netmask,
  * as it will pass radix table memory region with (src + dst) sockaddr pair.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_encap.c,v 1.48 2016/01/20 05:58:49 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_encap.c,v 1.49 2016/01/22 05:15:10 riastradh Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_mrouting.h"
 #include "opt_inet.h"
 #endif
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/socket.h>
 #include <sys/sockio.h>
 #include <sys/mbuf.h>
 #include <sys/errno.h>
 #include <sys/protosw.h>
 @@ -230,42 +230,42 @@ encap4_lookup(struct mbuf *m, int off, i
 			matchprio = prio;
 			match = ep;
+		}
+	}
 	return match;
+}
 void
 encap4_input(struct mbuf *m, ...)
+{
 	int off, proto;
 	va_list ap;
-	const struct protosw *psw;
+	const struct encapsw *esw;
 	struct encaptab *match;
 	va_start(ap, m);
 	off = va_arg(ap, int);
 	proto = va_arg(ap, int);
 	va_end(ap);
 	match = encap4_lookup(m, off, proto, INBOUND);
 	if (match) {
 		/* found a match, "match" has the best one */
-		psw = match->psw;
+		esw = match->esw;
-		if (psw && psw->pr_input) {
+		if (esw && esw->en_input) {
 			encap_fillarg(m, match);
-			(*psw->pr_input)(m, off, proto);
+			(*esw->en_input)(m, off, proto);
 		} else
 			m_freem(m);
 		return;
+	}
 	/* last resort: inject to raw socket */
 	rip_input(m, off, proto);
+}
 #endif
 #ifdef INET6
 static struct encaptab *
 encap6_lookup(struct mbuf *m, int off, int proto, enum direction dir)
 @@ -319,37 +319,40 @@ encap6_lookup(struct mbuf *m, int off, i
 		if (prio > matchprio) {
 			matchprio = prio;
 			match = ep;
+		}
+	}
 	return match;
+}
 int
 encap6_input(struct mbuf **mp, int *offp, int proto)
+{
 	struct mbuf *m = *mp;
-	const struct ip6protosw *psw;
+	const struct encapsw *esw;
 	struct encaptab *match;
 	match = encap6_lookup(m, *offp, proto, INBOUND);
 	if (match) {
 		/* found a match */
-		psw = (const struct ip6protosw *)match->psw;
+		esw = match->esw;
-		if (psw && psw->pr_input) {
+		if (esw && esw->en_input) {
 			/* XXX IPv6 cast, eliminate me */
 			int (*input)(struct mbuf **, int *, int) =
 			    (int (*)(struct mbuf **, int *, int))esw->en_input;
 			encap_fillarg(m, match);
-			return (*psw->pr_input)(mp, offp, proto);
+			return (*input)(mp, offp, proto);
 		} else {
 			m_freem(m);
 			return IPPROTO_DONE;
+		}
+	}
 	/* last resort: inject to raw socket */
 	return rip6_input(mp, offp, proto);
+}
 #endif
 static int
 encap_add(struct encaptab *ep)
 @@ -421,27 +424,27 @@ encap_afcheck(int af, const struct socka
 	return 0;
+}
 /*
  * sp (src ptr) is always my side, and dp (dst ptr) is always remote side.
  * length of mask (sm and dm) is assumed to be same as sp/dp.
  * Return value will be necessary as input (cookie) for encap_detach().
  */
 const struct encaptab *
 encap_attach(int af, int proto,
     const struct sockaddr *sp, const struct sockaddr *sm,
     const struct sockaddr *dp, const struct sockaddr *dm,
-    const struct protosw *psw, void *arg)
+    const struct encapsw *esw, void *arg)
+{
 	struct encaptab *ep;
 	int error;
 	int s;
 	size_t l;
 	struct ip_pack4 *pack4;
 #ifdef INET6
 	struct ip_pack6 *pack6;
 #endif
 	s = splsoftnet();
 	/* sanity check on args */
 	error = encap_afcheck(af, sp, dp);
 @@ -524,80 +527,80 @@ encap_attach(int af, int proto,
 		ep->src = (struct sockaddr *)&pack6->mine;
 		ep->dst = (struct sockaddr *)&pack6->yours;
 		pack6 = (struct ip_pack6 *)ep->maskpack;
 		ep->srcmask = (struct sockaddr *)&pack6->mine;
 		ep->dstmask = (struct sockaddr *)&pack6->yours;
 		break;
 #endif
+	}
 	memcpy(ep->src, sp, sp->sa_len);
 	memcpy(ep->srcmask, sm, sp->sa_len);
 	memcpy(ep->dst, dp, dp->sa_len);
 	memcpy(ep->dstmask, dm, dp->sa_len);
-	ep->psw = psw;
+	ep->esw = esw;
 	ep->arg = arg;
 	error = encap_add(ep);
 	if (error)
 		goto gc;
 	error = 0;
 	splx(s);
 	return ep;
 gc:
 	if (ep->addrpack)
 		kmem_free(ep->addrpack, l);
 	if (ep->maskpack)
 		kmem_free(ep->maskpack, l);
 	if (ep)
 		kmem_free(ep, sizeof(*ep));
 fail:
 	splx(s);
 	return NULL;
+}
 const struct encaptab *
 encap_attach_func(int af, int proto,
     int (*func)(struct mbuf *, int, int, void *),
-    const struct protosw *psw, void *arg)
+    const struct encapsw *esw, void *arg)
+{
 	struct encaptab *ep;
 	int error;
 	int s;
 	s = splsoftnet();
 	/* sanity check on args */
 	if (!func) {
 		error = EINVAL;
 		goto fail;
+	}
 	error = encap_afcheck(af, NULL, NULL);
 	if (error)
 		goto fail;
 	ep = kmem_alloc(sizeof(*ep), KM_NOSLEEP);	/*XXX*/
 	if (ep == NULL) {
 		error = ENOBUFS;
 		goto fail;
+	}
 	memset(ep, 0, sizeof(*ep));
 	ep->af = af;
 	ep->proto = proto;
 	ep->func = func;
-	ep->psw = psw;
+	ep->esw = esw;
 	ep->arg = arg;
 	error = encap_add(ep);
 	if (error)
 		goto fail;
 	error = 0;
 	splx(s);
 	return ep;
 fail:
 	splx(s);
 	return NULL;
 @@ -606,27 +609,27 @@ fail:
 /* XXX encap4_ctlinput() is necessary if we set DF=1 on outer IPv4 header */
 #ifdef INET6
 void *
 encap6_ctlinput(int cmd, const struct sockaddr *sa, void *d0)
+{
 	void *d = d0;
 	struct ip6_hdr *ip6;
 	struct mbuf *m;
 	int off;
 	struct ip6ctlparam *ip6cp = NULL;
 	int nxt;
 	struct encaptab *ep;
-	const struct ip6protosw *psw;
+	const struct encapsw *esw;
 	if (sa->sa_family != AF_INET6 ||
 	    sa->sa_len != sizeof(struct sockaddr_in6))
 		return NULL;
 	if ((unsigned)cmd >= PRC_NCMDS)
 		return NULL;
 	if (cmd == PRC_HOSTDEAD)
 		d = NULL;
 	else if (cmd == PRC_MSGSIZE)
 		; /* special code is present, see below */
 	else if (inet6ctlerrmap[cmd] == 0)
 		return NULL;
 @@ -665,29 +668,29 @@ encap6_ctlinput(int cmd, const struct so
 		nxt = -1;
+	}
 	/* inform all listeners */
 	LIST_FOREACH(ep, &encaptab, chain) {
 		if (ep->af != AF_INET6)
 			continue;
 		if (ep->proto >= 0 && ep->proto != nxt)
 			continue;
 		/* should optimize by looking at address pairs */
 		/* XXX need to pass ep->arg or ep itself to listeners */
-		psw = (const struct ip6protosw *)ep->psw;
+		esw = ep->esw;
-		if (psw && psw->pr_ctlinput)
+		if (esw && esw->en_ctlinput)
-			(*psw->pr_ctlinput)(cmd, sa, d);
+			(*esw->en_ctlinput)(cmd, sa, d);
+	}
 	rip6_ctlinput(cmd, sa, d0);
 	return NULL;
+}
 #endif
 int
 encap_detach(const struct encaptab *cookie)
+{
 	const struct encaptab *ep = cookie;
 	struct encaptab *p, *np;
 	int error;

 @@ -1,14 +1,14 @@
-/*	$NetBSD: ip_encap.h,v 1.13 2008/11/25 18:28:05 pooka Exp $	*/
+/*	$NetBSD: ip_encap.h,v 1.14 2016/01/22 05:15:10 riastradh Exp $	*/
 /*	$KAME: ip_encap.h,v 1.7 2000/03/25 07:23:37 sumikawa Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
 @@ -29,62 +29,67 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 #ifndef _NETINET_IP_ENCAP_H_
 #define _NETINET_IP_ENCAP_H_
 #ifdef _KERNEL
 #ifndef RNF_NORMAL
 #include <net/radix.h>
 #endif
 struct encapsw {
 	void (*en_input)(struct mbuf *, ...);
 	void *(*en_ctlinput)(int, const struct sockaddr *, void *);
 };
 struct encaptab {
 	struct radix_node nodes[2];
 	LIST_ENTRY(encaptab) chain;
 	int af;
 	int proto;			/* -1: don't care, I'll check myself */
 	struct sockaddr *addrpack;	/* malloc'ed, for radix lookup */
 	struct sockaddr *maskpack;	/* ditto */
 	struct sockaddr *src;		/* my addr */
 	struct sockaddr *srcmask;
 	struct sockaddr *dst;		/* remote addr */
 	struct sockaddr *dstmask;
 	int (*func) (struct mbuf *, int, int, void *);
-	const struct protosw *psw;	/* only pr_input will be used */
+	const struct encapsw *esw;
 	void *arg;			/* passed via PACKET_TAG_ENCAP */
 };
 /* to lookup a pair of address using radix tree */
 struct sockaddr_pack {
 	u_int8_t sp_len;
 	u_int8_t sp_family;	/* not really used */
 	/* followed by variable-length data */
 };
 struct ip_pack4 {
 	struct sockaddr_pack p;
 	struct sockaddr_in mine;
 	struct sockaddr_in yours;
 };
 struct ip_pack6 {
 	struct sockaddr_pack p;
 	struct sockaddr_in6 mine;
 	struct sockaddr_in6 yours;
 };
 void	encap_init(void);
 void	encap4_input(struct mbuf *, ...);
 int	encap6_input(struct mbuf **, int *, int);
 const struct encaptab *encap_attach(int, int, const struct sockaddr *,
 	const struct sockaddr *, const struct sockaddr *,
-	const struct sockaddr *, const struct protosw *, void *);
+	const struct sockaddr *, const struct encapsw *, void *);
 const struct encaptab *encap_attach_func(int, int,
 	int (*)(struct mbuf *, int, int, void *),
-	const struct protosw *, void *);
+	const struct encapsw *, void *);
 void	*encap6_ctlinput(int, const struct sockaddr *, void *);
 int	encap_detach(const struct encaptab *);
 void	*encap_getarg(struct mbuf *);
 #endif
 #endif /* !_NETINET_IP_ENCAP_H_ */

 @@ -1,14 +1,14 @@
-/*	$NetBSD: ip_mroute.c,v 1.134 2016/01/20 21:43:59 riastradh Exp $	*/
+/*	$NetBSD: ip_mroute.c,v 1.135 2016/01/22 05:15:10 riastradh Exp $	*/
 /*
  * Copyright (c) 1992, 1993
  *      The Regents of the University of California.  All rights reserved.
+ *
  * This code is derived from software contributed to Berkeley by
  * Stephen Deering of Stanford University.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
 @@ -83,27 +83,27 @@
  * Modified by Charles M. Hannum, NetBSD, May 1995.
  * Modified by Ahmed Helmy, SGI, June 1996
  * Modified by George Edmond Eddy (Rusty), ISI, February 1998
  * Modified by Pavlin Radoslavov, USC/ISI, May 1998, August 1999, October 2000
  * Modified by Hitoshi Asaeda, WIDE, August 2000
  * Modified by Pavlin Radoslavov, ICSI, October 2002
+ *
  * MROUTING Revision: 1.2
  * and PIM-SMv2 and PIM-DM support, advanced API support,
  * bandwidth metering and signaling
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_mroute.c,v 1.134 2016/01/20 21:43:59 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_mroute.c,v 1.135 2016/01/22 05:15:10 riastradh Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
 #include "opt_ipsec.h"
 #include "opt_pim.h"
 #endif
 #ifdef PIM
 #define _PIM_VT 1
 #endif
 #include <sys/param.h>
 #include <sys/systm.h>
 @@ -183,34 +183,29 @@ u_int       	tbfdebug = 0;     /* tbf de
 #ifdef RSVP_ISI
 u_int		rsvpdebug = 0;	  /* rsvp debug level   */
 #define	RSVP_DPRINTF(a)	do if (rsvpdebug) printf a; while (/*CONSTCOND*/0)
 extern struct socket *ip_rsvpd;
 extern int rsvp_on;
 #else
 #define	RSVP_DPRINTF(a)	do {} while (/*CONSTCOND*/0)
 #endif /* RSVP_ISI */
 /* vif attachment using sys/netinet/ip_encap.c */
 static void vif_input(struct mbuf *, ...);
 static int vif_encapcheck(struct mbuf *, int, int, void *);
-static const struct protosw vif_protosw = {
+static const struct encapsw vif_encapsw = {
-	.pr_type	= SOCK_RAW,
+	.en_input	= vif_input,
-	.pr_domain	= &inetdomain,
+	.en_ctlinput	= NULL,
 	.pr_protocol	= IPPROTO_IPV4,
 	.pr_flags	= PR_ATOMIC|PR_ADDR,
 	.pr_input	= vif_input,
 	.pr_ctloutput	= rip_ctloutput,
 	.pr_usrreqs	= &rip_usrreqs,
 };
 #define		EXPIRE_TIMEOUT	(hz / 4)	/* 4x / second */
 #define		UPCALL_EXPIRE	6		/* number of timeouts */
 /*
  * Define the token bucket filter structures
  */
 #define		TBF_REPROCESS	(hz / 100)	/* 100x / second */
 static int get_sg_cnt(struct sioc_sg_req *);
 static int get_vif_cnt(struct sioc_vif_req *);
 @@ -827,27 +822,27 @@ add_vif(struct vifctl *vifcp)
 			log(LOG_ERR, "source routed tunnels not supported\n");
 			return (EOPNOTSUPP);
+		}
 		/* attach this vif to decapsulator dispatch table */
 		/*
 		 * XXX Use addresses in registration so that matching
 		 * can be done with radix tree in decapsulator.  But,
 		 * we need to check inner header for multicast, so
 		 * this requires both radix tree lookup and then a
 		 * function to check, and this is not supported yet.
 		 */
 		vifp->v_encap_cookie = encap_attach_func(AF_INET, IPPROTO_IPV4,
-		    vif_encapcheck, &vif_protosw, vifp);
+		    vif_encapcheck, &vif_encapsw, vifp);
 		if (!vifp->v_encap_cookie)
 			return (EINVAL);
 		/* Create a fake encapsulation interface. */
 		ifp = malloc(sizeof(*ifp), M_MRTABLE, M_WAITOK|M_ZERO);
 		snprintf(ifp->if_xname, sizeof(ifp->if_xname),
 			 "mdecap%d", vifcp->vifc_vifi);
 		/* Prepare cached route entry. */
 		memset(&vifp->v_route, 0, sizeof(vifp->v_route));
 #ifdef PIM
 	} else if (vifcp->vifc_flags & VIFF_REGISTER) {
 		ifp = &multicast_register_if;

 @@ -1,14 +1,14 @@
-/*	$NetBSD: in6_gif.c,v 1.66 2016/01/20 21:44:00 riastradh Exp $	*/
+/*	$NetBSD: in6_gif.c,v 1.67 2016/01/22 05:15:10 riastradh Exp $	*/
 /*	$KAME: in6_gif.c,v 1.62 2001/07/29 04:27:25 itojun Exp $	*/
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
 @@ -21,75 +21,74 @@
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: in6_gif.c,v 1.66 2016/01/20 21:44:00 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_gif.c,v 1.67 2016/01/22 05:15:10 riastradh Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
 #endif
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/socket.h>
 #include <sys/sockio.h>
 #include <sys/mbuf.h>
 #include <sys/errno.h>
 #include <sys/ioctl.h>
 #include <sys/queue.h>
 #include <sys/syslog.h>
 #include <sys/protosw.h>
 #include <sys/kernel.h>
 #include <net/if.h>
 #include <net/route.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #ifdef INET
 #include <netinet/ip.h>
 #endif
 #include <netinet/ip_encap.h>
 #ifdef INET6
 #include <netinet/ip6.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/ip6_private.h>
 #include <netinet6/in6_gif.h>
 #include <netinet6/in6_var.h>
 #endif
 #include <netinet6/ip6protosw.h>
 #endif
 #include <netinet/ip_ecn.h>
 #include <net/if_gif.h>
 #include <net/net_osdep.h>
 static int gif_validate6(const struct ip6_hdr *, struct gif_softc *,
 	struct ifnet *);
 int	ip6_gif_hlim = GIF_HLIM;
 extern LIST_HEAD(, gif_softc) gif_softc_list;
-static const struct ip6protosw in6_gif_protosw;
+static const struct encapsw in6_gif_encapsw;
 /*
  * family - family of the packet to be encapsulate.
  */
 int
 in6_gif_output(struct ifnet *ifp, int family, struct mbuf *m)
+{
 	struct rtentry *rt;
 	struct gif_softc *sc = ifp->if_softc;
 	struct sockaddr_in6 *sin6_src = satosin6(sc->gif_psrc);
 	struct sockaddr_in6 *sin6_dst = satosin6(sc->gif_pdst);
 	struct ip6_hdr *ip6;
 @@ -364,30 +363,30 @@ in6_gif_attach(struct gif_softc *sc)
+{
 #ifndef GIF_ENCAPCHECK
 	struct sockaddr_in6 mask6;
 	memset(&mask6, 0, sizeof(mask6));
 	mask6.sin6_len = sizeof(struct sockaddr_in6);
 	mask6.sin6_addr.s6_addr32[0] = mask6.sin6_addr.s6_addr32[1] =
 	    mask6.sin6_addr.s6_addr32[2] = mask6.sin6_addr.s6_addr32[3] = ~0;
 	if (!sc->gif_psrc || !sc->gif_pdst)
 		return EINVAL;
 	sc->encap_cookie6 = encap_attach(AF_INET6, -1, sc->gif_psrc,
 	    (struct sockaddr *)&mask6, sc->gif_pdst, (struct sockaddr *)&mask6,
-	    (const void *)&in6_gif_protosw, sc);
+	    &in6_gif_encapsw, sc);
 #else
 	sc->encap_cookie6 = encap_attach_func(AF_INET6, -1, gif_encapcheck,
-	    (struct protosw *)&in6_gif_protosw, sc);
+	    &in6_gif_encapsw, sc);
 #endif
 	if (sc->encap_cookie6 == NULL)
 		return EEXIST;
 	return 0;
+}
 int
 in6_gif_detach(struct gif_softc *sc)
+{
 	int error;
 	error = encap_detach(sc->encap_cookie6);
 	if (error == 0)
 @@ -441,30 +440,20 @@ in6_gif_ctlinput(int cmd, const struct s
 		dst6 = satocsin6(rtcache_getdst(&sc->gif_ro));
 		/* XXX scope */
 		if (dst6 == NULL)
+			;
 		else if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &dst6->sin6_addr))
 			rtcache_free(&sc->gif_ro);
+	}
 	return NULL;
+}
 PR_WRAP_CTLINPUT(in6_gif_ctlinput)
 PR_WRAP_CTLOUTPUT(rip6_ctloutput)
 #define	in6_gif_ctlinput	in6_gif_ctlinput_wrapper
 #define	rip6_ctloutput		rip6_ctloutput_wrapper
 extern struct domain inet6domain;
-static const struct ip6protosw in6_gif_protosw = {
+static const struct encapsw in6_gif_encapsw = {
-	.pr_type	= SOCK_RAW,
+	.en_input	= (void (*)(struct mbuf *, ...))in6_gif_input,
-	.pr_domain	= &inet6domain,
+	.en_ctlinput	= in6_gif_ctlinput,
 	.pr_protocol	= 0 /* IPPROTO_IPV[46] */,
 	.pr_flags	= PR_ATOMIC | PR_ADDR,
 	.pr_input	= in6_gif_input,
 	.pr_ctlinput	= in6_gif_ctlinput,
 	.pr_ctloutput	= rip6_ctloutput,
 	.pr_usrreqs	= &rip6_usrreqs,
 };

 @@ -1,14 +1,14 @@
-/*	$NetBSD: xform_ipip.c,v 1.33 2016/01/20 21:44:00 riastradh Exp $	*/
+/*	$NetBSD: xform_ipip.c,v 1.34 2016/01/22 05:15:10 riastradh Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
  * Niels Provos (provos@physnet.uni-hamburg.de).
+ *
  * The original version of this code was written by John Ioannidis
  * for BSD/OS in Athens, Greece, in November 1995.
+ *
  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
  * by Angelos D. Keromytis.
 @@ -29,79 +29,74 @@
  * You may use this code under the GNU public license if you so wish. Please
  * contribute changes back to the authors under this freer than GPL license
  * so that we may further the use of strong encryption without limitations to
  * all.
+ *
  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
  * PURPOSE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.33 2016/01/20 21:44:00 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.34 2016/01/22 05:15:10 riastradh Exp $");
 /*
  * IP-inside-IP processing
  */
 #include "opt_inet.h"
 #ifdef __FreeBSD__
 #include "opt_inet6.h"
 #include "opt_random_ip_id.h"
 #endif /* __FreeBSD__ */
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/mbuf.h>
 #include <sys/socket.h>
 #include <sys/kernel.h>
 #include <sys/protosw.h>
 #include <sys/sysctl.h>
 #include <net/if.h>
 #include <net/route.h>
 #include <net/netisr.h>
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/in_var.h>
 #include <netinet/ip.h>
 #include <netinet/ip_ecn.h>
 #include <netinet/ip_var.h>
 #include <netinet/ip_encap.h>
 #ifdef __FreeBSD__
 #include <netinet/ipprotosw.h>
 #endif
 #include <netipsec/ipsec.h>
 #include <netipsec/ipsec_private.h>
 #include <netipsec/xform.h>
 #include <netipsec/ipip_var.h>
 #ifdef MROUTING
 #include <netinet/ip_mroute.h>
 #endif
 #ifdef INET6
 #include <netinet/ip6.h>
 #include <netipsec/ipsec6.h>
 #  ifdef __FreeBSD__
 #  include <netinet6/ip6_ecn.h>
 #  endif
 #include <netinet6/in6_var.h>
 #include <netinet6/ip6protosw.h>
 #endif
 #include <netipsec/key.h>
 #include <netipsec/key_debug.h>
 #include <netipsec/ipsec_osdep.h>
 #ifdef __FreeBSD__
 typedef void	pr_in_input_t (struct mbuf *, int, int); /* XXX FIX THIS */
 #else
 typedef void	pr_in_input_t (struct mbuf *m, ...);
 #endif
 /*
 @@ -672,63 +667,35 @@ ipe4_input(
 	printf("ipe4_input: should never be called\n");
 	if (m)
 		m_freem(m);
 	return EOPNOTSUPP;
+}
 static struct xformsw ipe4_xformsw = {
 	XF_IP4,		0,		"IPv4 Simple Encapsulation",
 	ipe4_init,	ipe4_zeroize,	ipe4_input,	ipip_output,
 	NULL,
 };
 #ifdef INET
-PR_WRAP_CTLOUTPUT(rip_ctloutput)
+static const struct encapsw ipe4_encapsw = {
-#define	rip_ctloutput	rip_ctloutput_wrapper
+	.en_input = ip4_input,
 	.en_ctlinput = NULL,
 extern struct domain inetdomain;
 static struct ipprotosw ipe4_protosw = {
  .pr_type = SOCK_RAW,
  .pr_domain = &inetdomain,
  .pr_protocol = IPPROTO_IPV4,
  .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
  .pr_input = ip4_input,
  .pr_ctlinput = 0,
  .pr_ctloutput = rip_ctloutput,
  .pr_usrreqs = &rip_usrreqs,
  .pr_init = 0,
  .pr_fasttimo = 0,
  .pr_slowtimo =	0,
  .pr_drain = 0,
 };
 #endif
 #ifdef INET6
-PR_WRAP_CTLOUTPUT(rip6_ctloutput)
+static const struct encapsw ipe4_encapsw6 = {
-#define	rip6_ctloutput	rip6_ctloutput_wrapper
+	.en_input = (void (*)(struct mbuf *, ...))ip4_input6,
 	.en_ctlinput = NULL,
 extern struct domain inet6domain;
 static struct ip6protosw ipe4_protosw6 = {
  .pr_type = SOCK_RAW,
  .pr_domain = &inet6domain,
  .pr_protocol = IPPROTO_IPV6,
  .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
  .pr_input = ip4_input6,
  .pr_ctlinput = 0,
  .pr_ctloutput = rip6_ctloutput,
  .pr_usrreqs = &rip6_usrreqs,
  .pr_init = 0,
  .pr_fasttimo = 0,
  .pr_slowtimo = 0,
  .pr_drain = 0,
 };
 #endif
 /*
  * Check the encapsulated packet to see if we want it
  */
 static int
 ipe4_encapcheck(struct mbuf *m,
     int off,
     int proto,
     void *arg
+)
+{
 @@ -742,25 +709,25 @@ ipe4_encapcheck(struct mbuf *m,
+}
 INITFN void
 ipe4_attach(void)
+{
 	ipipstat_percpu = percpu_alloc(sizeof(uint64_t) * IPIP_NSTATS);
 	xform_register(&ipe4_xformsw);
 	/* attach to encapsulation framework */
 	/* XXX save return cookie for detach on module remove */
 #ifdef INET
 	(void) encap_attach_func(AF_INET, -1,
-		ipe4_encapcheck, (struct protosw*) &ipe4_protosw, NULL);
+		ipe4_encapcheck, &ipe4_encapsw, NULL);
 #endif
 #ifdef INET6
 	(void) encap_attach_func(AF_INET6, -1,
-		ipe4_encapcheck, (struct protosw*) &ipe4_protosw6, NULL);
+		ipe4_encapcheck, &ipe4_encapsw6, NULL);
 #endif
+}
 #ifdef SYSINIT
 SYSINIT(ipe4_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ipe4_attach, NULL);
 #endif