Tue Mar 13 03:05:13 2018 UTC ()
comment out confusing (and incorrect) code and add comment. Pointed out by maxv@n.o, thanks.


(knakahara)
diff -r1.4 -r1.5 src/sys/netipsec/ipsecif.c
cvs diff -r1.4 -r1.5 src/sys/netipsec/ipsecif.c (expand / switch to unified diff)

--- src/sys/netipsec/ipsecif.c 2018/03/09 11:05:21 1.4
+++ src/sys/netipsec/ipsecif.c 2018/03/13 03:05:12 1.5
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: ipsecif.c,v 1.4 2018/03/09 11:05:21 knakahara Exp $ */ 1/* $NetBSD: ipsecif.c,v 1.5 2018/03/13 03:05:12 knakahara Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2017 Internet Initiative Japan Inc. 4 * Copyright (c) 2017 Internet Initiative Japan Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * Redistribution and use in source and binary forms, with or without 7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions 8 * modification, are permitted provided that the following conditions
9 * are met: 9 * are met:
10 * 1. Redistributions of source code must retain the above copyright 10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer. 11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution. 14 * documentation and/or other materials provided with the distribution.
@@ -17,27 +17,27 @@ @@ -17,27 +17,27 @@
17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE. 26 * POSSIBILITY OF SUCH DAMAGE.
27 */ 27 */
28 28
29#include <sys/cdefs.h> 29#include <sys/cdefs.h>
30__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.4 2018/03/09 11:05:21 knakahara Exp $"); 30__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.5 2018/03/13 03:05:12 knakahara Exp $");
31 31
32#ifdef _KERNEL_OPT 32#ifdef _KERNEL_OPT
33#include "opt_inet.h" 33#include "opt_inet.h"
34#include "opt_ipsec.h" 34#include "opt_ipsec.h"
35#endif 35#endif
36 36
37#include <sys/param.h> 37#include <sys/param.h>
38#include <sys/systm.h> 38#include <sys/systm.h>
39#include <sys/socket.h> 39#include <sys/socket.h>
40#include <sys/sockio.h> 40#include <sys/sockio.h>
41#include <sys/mbuf.h> 41#include <sys/mbuf.h>
42#include <sys/errno.h> 42#include <sys/errno.h>
43#include <sys/ioctl.h> 43#include <sys/ioctl.h>
@@ -473,27 +473,29 @@ ipsecif6_output(struct ipsec_variant *va @@ -473,27 +473,29 @@ ipsecif6_output(struct ipsec_variant *va
473 } 473 }
474 474
475 /* prepend new IP header */ 475 /* prepend new IP header */
476 M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT); 476 M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT);
477 if (m && M_UNWRITABLE(m, sizeof(struct ip6_hdr))) 477 if (m && M_UNWRITABLE(m, sizeof(struct ip6_hdr)))
478 m = m_pullup(m, sizeof(struct ip6_hdr)); 478 m = m_pullup(m, sizeof(struct ip6_hdr));
479 if (m == NULL) 479 if (m == NULL)
480 return ENOBUFS; 480 return ENOBUFS;
481 481
482 ip6 = mtod(m, struct ip6_hdr *); 482 ip6 = mtod(m, struct ip6_hdr *);
483 ip6->ip6_flow = 0; 483 ip6->ip6_flow = 0;
484 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 484 ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
485 ip6->ip6_vfc |= IPV6_VERSION; 485 ip6->ip6_vfc |= IPV6_VERSION;
486 ip6->ip6_plen = htons((u_short)m->m_pkthdr.len); 486#if 0 /* ip6->ip6_plen will be filled by ip6_output */
 487 ip6->ip6_plen = htons((u_short)m->m_pkthdr.len - sizeof(*ip6));
 488#endif
487 ip6->ip6_nxt = proto; 489 ip6->ip6_nxt = proto;
488 ip6->ip6_hlim = ip6_ipsec_hlim; 490 ip6->ip6_hlim = ip6_ipsec_hlim;
489 ip6->ip6_src = sin6_src->sin6_addr; 491 ip6->ip6_src = sin6_src->sin6_addr;
490 /* bidirectional configured tunnel mode */ 492 /* bidirectional configured tunnel mode */
491 if (!IN6_IS_ADDR_UNSPECIFIED(&sin6_dst->sin6_addr)) { 493 if (!IN6_IS_ADDR_UNSPECIFIED(&sin6_dst->sin6_addr)) {
492 ip6->ip6_dst = sin6_dst->sin6_addr; 494 ip6->ip6_dst = sin6_dst->sin6_addr;
493 } else { 495 } else {
494 m_freem(m); 496 m_freem(m);
495 return ENETUNREACH; 497 return ENETUNREACH;
496 } 498 }
497#ifndef IPSEC_TX_TOS_CLEAR 499#ifndef IPSEC_TX_TOS_CLEAR
498 if (ifp->if_flags & IFF_ECN) 500 if (ifp->if_flags & IFF_ECN)
499 ip_ecn_ingress(ECN_ALLOWED, &otos, &itos); 501 ip_ecn_ingress(ECN_ALLOWED, &otos, &itos);