diff --git a/sys/netinet/libalias/alias.h b/sys/netinet/libalias/alias.h --- a/sys/netinet/libalias/alias.h +++ b/sys/netinet/libalias/alias.h @@ -46,7 +46,7 @@ #include #define LIBALIAS_BUF_SIZE 128 -#ifdef _KERNEL +#ifdef _KERNEL /* * The kernel version of libalias does not support these features. */ @@ -89,8 +89,7 @@ void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_hi); void LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); void LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); -unsigned int - LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); +unsigned int LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); void LibAliasUninit(struct libalias *); /* Packet Handling functions. */ @@ -101,42 +100,37 @@ /* Port and address redirection functions. */ -int -LibAliasAddServer(struct libalias *, struct alias_link *_lnk, - struct in_addr _addr, unsigned short _port); -struct alias_link * -LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, - struct in_addr _alias_addr); +int LibAliasAddServer(struct libalias *, struct alias_link *_lnk, + struct in_addr _addr, unsigned short _port); +struct alias_link * LibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, + struct in_addr _alias_addr); int LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk); void LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk); -struct alias_link * -LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, - unsigned short _src_port, struct in_addr _dst_addr, - unsigned short _dst_port, struct in_addr _alias_addr, - unsigned short _alias_port, unsigned char _proto); -struct alias_link * -LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, - struct in_addr _dst_addr, struct in_addr _alias_addr, - unsigned char _proto); +struct alias_link * LibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, + unsigned short _src_port, struct in_addr _dst_addr, + unsigned short _dst_port, struct in_addr _alias_addr, + unsigned short _alias_port, unsigned char _proto); +struct alias_link * LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, + struct in_addr _dst_addr, struct in_addr _alias_addr, + unsigned char _proto); /* Fragment Handling functions. */ void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment); -void *LibAliasGetFragment(struct libalias *, void *_ptr); +void *LibAliasGetFragment(struct libalias *, void *_ptr); int LibAliasSaveFragment(struct libalias *, void *_ptr); /* Miscellaneous functions. */ int LibAliasCheckNewLink(struct libalias *); -unsigned short - LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); +unsigned short LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); void LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); /* Transparent proxying routines. */ int LibAliasProxyRule(struct libalias *, const char *_cmd); /* Module handling API */ -int LibAliasLoadModule(char *); -int LibAliasUnLoadAllModule(void); -int LibAliasRefreshModules(void); +int LibAliasLoadModule(char *); +int LibAliasUnLoadAllModule(void); +int LibAliasRefreshModules(void); /* Mbuf helper function. */ struct mbuf *m_megapullup(struct mbuf *, int); @@ -176,7 +170,7 @@ * require this. This bit is set after a call to PacketAliasInit(), so it is * a default mode of operation. */ -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS #define PKT_ALIAS_USE_SOCKETS 0x08 #endif /*- diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -146,7 +146,7 @@ #include "alias_mod.h" #endif -/* +/* * Define libalias SYSCTL Node */ #ifdef SYSCTL_NODE @@ -192,7 +192,6 @@ static void TcpMonitorIn(u_char th_flags, struct alias_link *lnk) { - switch (GetStateIn(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -210,7 +209,6 @@ static void TcpMonitorOut(u_char th_flags, struct alias_link *lnk) { - switch (GetStateOut(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -285,21 +283,20 @@ static int TcpAliasIn(struct libalias *, struct ip *); static int TcpAliasOut(struct libalias *, struct ip *, int, int create); -static int -IcmpAliasIn1(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* De-alias incoming echo and timestamp replies. Alias incoming echo and timestamp requests. */ +static int +IcmpAliasIn1(struct libalias *la, struct ip *pip) +{ + LIBALIAS_LOCK_ASSERT(la); struct alias_link *lnk; struct icmp *ic; ic = (struct icmp *)ip_next(pip); -/* Get source address from ICMP data field and restore original data */ + /* Get source address from ICMP data field and restore original data */ lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); if (lnk != NULL) { u_short original_id; @@ -307,15 +304,15 @@ original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= original_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Put original sequence number back in */ + /* Put original sequence number back in */ ic->icmp_id = original_id; -/* Put original address back into IP header */ + /* Put original address back into IP header */ { struct in_addr original_address; @@ -330,15 +327,14 @@ return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasIn2(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* Alias incoming ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasIn2(struct libalias *la, struct ip *pip) +{ + LIBALIAS_LOCK_ASSERT(la); struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; @@ -377,7 +373,7 @@ original_address = GetOriginalAddress(lnk); original_port = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ud->uh_sport; @@ -388,13 +384,14 @@ accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Un-alias address and port number of + * original IP packet fragment contained + * in ICMP data section */ ip->ip_src = original_address; ud->uh_sport = original_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -405,7 +402,7 @@ original_address = GetOriginalAddress(lnk); original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ic2->icmp_id; @@ -416,13 +413,13 @@ accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Un-alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_src = original_address; ic2->icmp_id = original_id; } @@ -444,7 +441,7 @@ if (dlen < ICMP_MINLEN) return (PKT_ALIAS_IGNORED); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -475,20 +472,20 @@ return (iresult); } -static int -IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) -{ /* Alias outgoing echo and timestamp requests. De-alias outgoing echo and timestamp replies. */ +static int +IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) +{ struct alias_link *lnk; struct icmp *ic; LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); -/* Save overwritten data for when echo packet returns */ + /* Save overwritten data for when echo packet returns */ lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create); if (lnk != NULL) { u_short alias_id; @@ -496,15 +493,15 @@ alias_id = GetAliasPort(lnk); -/* Since data field is being modified, adjust ICMP checksum */ + /* Since data field is being modified, adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Alias sequence number */ + /* Alias sequence number */ ic->icmp_id = alias_id; -/* Change source address */ + /* Change source address */ { struct in_addr alias_address; @@ -519,13 +516,13 @@ return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasOut2(struct libalias *la, struct ip *pip) -{ /* Alias outgoing ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasOut2(struct libalias *la, struct ip *pip) +{ struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; @@ -565,24 +562,24 @@ alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ud->uh_dport; accumulate -= alias_port; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original TCP/UDP packet was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original TCP/UDP packet was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Alias address and port number of original IP packet + * fragment contained in ICMP data section */ ip->ip_dst = alias_address; ud->uh_dport = alias_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -593,24 +590,24 @@ alias_address = GetAliasAddress(lnk); alias_id = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ic2->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original ICMP message was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original ICMP message was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_dst = alias_address; ic2->icmp_id = alias_id; } @@ -628,7 +625,7 @@ LIBALIAS_LOCK_ASSERT(la); (void)create; -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -655,20 +652,20 @@ return (iresult); } -static int -ProtoAliasIn(struct libalias *la, struct in_addr ip_src, - struct ip *pip, u_char ip_p, u_short *ip_sum) -{ /* Handle incoming IP packets. The only thing which is done in this case is to alias the dest IP address of the packet to our inside machine. */ +static int +ProtoAliasIn(struct libalias *la, struct in_addr ip_src, + struct ip *pip, u_char ip_p, u_short *ip_sum) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -678,7 +675,7 @@ original_address = GetOriginalAddress(lnk); -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -688,20 +685,20 @@ return (PKT_ALIAS_IGNORED); } -static int -ProtoAliasOut(struct libalias *la, struct ip *pip, - struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) -{ /* Handle outgoing IP packets. The only thing which is done in this case is to alias the source IP address of the packet. */ +static int +ProtoAliasOut(struct libalias *la, struct ip *pip, + struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -714,7 +711,7 @@ alias_address = GetAliasAddress(lnk); -/* Change source address */ + /* Change source address */ DifferentialChecksum(ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -753,8 +750,8 @@ int accumulate; int error; struct alias_data ad = { - .lnk = lnk, - .oaddr = &original_address, + .lnk = lnk, + .oaddr = &original_address, .aaddr = &alias_address, .aport = &alias_port, .sport = &ud->uh_sport, @@ -769,46 +766,48 @@ ud->uh_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, UDP, la, pip, &ad); /* If we cannot figure out the packet, ignore it. */ if (error < 0) return (PKT_ALIAS_IGNORED); -/* If UDP checksum is not zero, then adjust since destination port */ -/* is being unaliased and destination address is being altered. */ + /* If UDP checksum is not zero, then adjust since + * destination port is being unaliased and + * destination address is being altered. */ if (ud->uh_sum != 0) { accumulate = alias_port; accumulate -= ud->uh_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy packet, modify checksum because of source change.*/ - if (proxy_port != 0) { - accumulate += ud->uh_sport; - accumulate -= proxy_port; - } + /* If this is a proxy packet, modify checksum + * because of source change.*/ + if (proxy_port != 0) { + accumulate += ud->uh_sport; + accumulate -= proxy_port; + } - if (proxy_address.s_addr != 0) { + if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); - } + } ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* XXX: Could the two if's below be concatenated to one ? */ -/* Restore source port and/or address in case of proxying*/ - if (proxy_port != 0) - ud->uh_sport = proxy_port; + /* XXX: Could the two if's below be concatenated to one ? */ + /* Restore source port and/or address in case of proxying*/ + if (proxy_port != 0) + ud->uh_sport = proxy_port; - if (proxy_address.s_addr != 0) { - DifferentialChecksum(&pip->ip_sum, - &proxy_address, &pip->ip_src, 2); - pip->ip_src = proxy_address; - } + if (proxy_address.s_addr != 0) { + DifferentialChecksum(&pip->ip_sum, + &proxy_address, &pip->ip_src, 2); + pip->ip_src = proxy_address; + } -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -833,7 +832,7 @@ LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled and not proxyrule found.*/ + /* Return if proxy-only mode is enabled and not proxyrule found.*/ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2); if (dlen < sizeof(struct udphdr)) return (PKT_ALIAS_IGNORED); @@ -842,34 +841,33 @@ if (dlen < ntohs(ud->uh_ulen)) return (PKT_ALIAS_IGNORED); - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, - ud->uh_dport, pip->ip_p); + proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port, + pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p); if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - * then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = ud->uh_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { - int accumulate; + int accumulate; accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + ADJUST_CHECKSUM(accumulate, pip->ip_sum); if (ud->uh_sum != 0) { accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - accumulate += ud->uh_dport; - accumulate -= proxy_server_port; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); + accumulate += ud->uh_dport; + accumulate -= proxy_server_port; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); } - pip->ip_dst = proxy_server_address; - ud->uh_dport = proxy_server_port; + pip->ip_dst = proxy_server_address; + ud->uh_dport = proxy_server_port; } lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, ud->uh_sport, ud->uh_dport, @@ -878,7 +876,7 @@ u_short alias_port; struct in_addr alias_address; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -887,24 +885,24 @@ .maxpktsize = 0 }; -/* Save original destination address, if this is a proxy packet. - * Also modify packet to include destination encoding. This may - * change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination encoding. This may + * change the size of IP header. */ if (proxy_type != 0) { - SetProxyPort(lnk, dest_port); - SetProxyAddress(lnk, dest_address); - ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); - ud = (struct udphdr *)ip_next(pip); - } + SetProxyPort(lnk, dest_port); + SetProxyAddress(lnk, dest_address); + ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); + ud = (struct udphdr *)ip_next(pip); + } alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, UDP, la, pip, &ad); -/* If UDP checksum is not zero, adjust since source port is */ -/* being aliased and source address is being altered */ + /* If UDP checksum is not zero, adjust since source port is */ + /* being aliased and source address is being altered */ if (ud->uh_sum != 0) { int accumulate; @@ -914,10 +912,10 @@ accumulate -= twowords(&alias_address); ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* Put alias port in UDP header */ + /* Put alias port in UDP header */ ud->uh_sport = alias_port; -/* Change source address */ + /* Change source address */ DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -953,14 +951,14 @@ u_short proxy_port; int accumulate, error; - /* - * The init of MANY vars is a bit below, but aliashandlepptpin + /* + * The init of MANY vars is a bit below, but aliashandlepptpin * seems to need the destination port that came within the * packet and not the original one looks below [*]. */ struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = NULL, .aport = NULL, @@ -969,7 +967,7 @@ .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, TCP, la, pip, &ad); alias_address = GetAliasAddress(lnk); @@ -979,8 +977,8 @@ tc->th_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* - * Look above, if anyone is going to add find_handler AFTER + /* + * Look above, if anyone is going to add find_handler AFTER * this aliashandlepptpin/point, please redo alias_data too. * Uncommenting the piece here below should be enough. */ @@ -994,22 +992,22 @@ .dport = &ud->uh_dport, .maxpktsize = 0 }; - + /* Walk out chain. */ error = find_handler(la, pip, &ad); if (error == EHDNOF) printf("Protocol handler not found\n"); #endif -/* Adjust TCP checksum since destination port is being unaliased */ -/* and destination port is being altered. */ + /* Adjust TCP checksum since destination port is being + * unaliased and destination port is being altered. */ accumulate = alias_port; accumulate -= tc->th_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy, then modify the TCP source port and - checksum accumulation */ + /* If this is a proxy, then modify the TCP source port + * and checksum accumulation */ if (proxy_port != 0) { accumulate += tc->th_sport; tc->th_sport = proxy_port; @@ -1017,7 +1015,7 @@ accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); } -/* See if ACK number needs to be modified */ + /* See if ACK number needs to be modified */ if (GetAckModified(lnk) == 1) { int delta; @@ -1031,13 +1029,13 @@ } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Restore original IP address */ + /* Restore original IP address */ accumulate = twowords(&pip->ip_dst); pip->ip_dst = original_address; accumulate -= twowords(&pip->ip_dst); -/* If this is a transparent proxy packet, then modify the source - address */ + /* If this is a transparent proxy packet, + * then modify the source address */ if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); pip->ip_src = proxy_address; @@ -1045,7 +1043,7 @@ } ADJUST_CHECKSUM(accumulate, pip->ip_sum); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorIn(tc->th_flags, lnk); @@ -1074,8 +1072,8 @@ tc = (struct tcphdr *)ip_next(pip); if (create) - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, + proxy_type = ProxyCheck(la, &proxy_server_address, + &proxy_server_port, pip->ip_src, pip->ip_dst, tc->th_dport, pip->ip_p); else proxy_type = 0; @@ -1083,8 +1081,8 @@ if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = tc->th_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { @@ -1112,7 +1110,7 @@ struct in_addr alias_address; int accumulate; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -1121,38 +1119,38 @@ .maxpktsize = maxpacketsize }; -/* Save original destination address, if this is a proxy packet. - Also modify packet to include destination encoding. This may - change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination + * encoding. This may change the size of IP header. */ if (proxy_type != 0) { SetProxyPort(lnk, dest_port); SetProxyAddress(lnk, dest_address); ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); tc = (struct tcphdr *)ip_next(pip); } -/* Get alias address and port */ + /* Get alias address and port */ alias_port = GetAliasPort(lnk); alias_address = GetAliasAddress(lnk); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorOut(tc->th_flags, lnk); - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(OUT, TCP, la, pip, &ad); -/* Adjust TCP checksum since source port is being aliased */ -/* and source address is being altered */ + /* Adjust TCP checksum since source port is being aliased + * and source address is being altered */ accumulate = tc->th_sport; tc->th_sport = alias_port; accumulate -= tc->th_sport; accumulate += twowords(&pip->ip_src); accumulate -= twowords(&alias_address); -/* Modify sequence number if necessary */ + /* Modify sequence number if necessary */ if (GetAckModified(lnk) == 1) { int delta; - + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); if (delta != 0) { @@ -1163,7 +1161,7 @@ } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Change source address */ + /* Change source address */ accumulate = twowords(&pip->ip_src); pip->ip_src = alias_address; accumulate -= twowords(&pip->ip_src); @@ -1259,7 +1257,7 @@ return (iresult); } -void * +void * LibAliasGetFragment(struct libalias *la, void *ptr) { struct alias_link *lnk; @@ -1273,7 +1271,7 @@ GetFragmentPtr(lnk, &fptr); SetFragmentPtr(lnk, NULL); SetExpire(lnk, 0); /* Deletes link */ - } else + } else fptr = NULL; LIBALIAS_UNLOCK(la); @@ -1281,11 +1279,9 @@ } void -LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly - * de-aliased header - * fragment */ - void *ptr_fragment /* Points to fragment which must be - * de-aliased */ +LibAliasFragmentIn(struct libalias *la, + void *ptr, /* Points to correctly de-aliased header fragment */ + void *ptr_fragment /* fragment which must be de-aliased */ ) { struct ip *pip; @@ -1305,10 +1301,10 @@ /* Local prototypes */ static int LibAliasOutLocked(struct libalias *la, struct ip *pip, - int maxpacketsize, int create); + int maxpacketsize, int create); static int LibAliasInLocked(struct libalias *la, struct ip *pip, - int maxpacketsize); + int maxpacketsize); int LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize) @@ -1340,7 +1336,7 @@ /* Defense against mangled packets */ if (ntohs(pip->ip_len) > maxpacketsize || (pip->ip_hl << 2) > maxpacketsize) { - iresult = PKT_ALIAS_IGNORED; + iresult = PKT_ALIAS_IGNORED; goto getout; } @@ -1358,30 +1354,30 @@ break; #ifdef _KERNEL case IPPROTO_SCTP: - iresult = SctpAlias(la, pip, SN_TO_LOCAL); + iresult = SctpAlias(la, pip, SN_TO_LOCAL); break; #endif - case IPPROTO_GRE: { + case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(IN, IP, la, pip, &ad); - if (error == 0) + if (error == 0) iresult = PKT_ALIAS_OK; else iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); + break; } - break; default: iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); @@ -1449,10 +1445,10 @@ } static int -LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ - int maxpacketsize, /* How much the packet data may grow (FTP - * and IRC inline changes) */ - int create /* Create new entries ? */ +LibAliasOutLocked(struct libalias *la, + struct ip *pip, /* valid IP packet */ + int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */ + int create /* Create new entries ? */ ) { int iresult; @@ -1512,29 +1508,29 @@ break; #ifdef _KERNEL case IPPROTO_SCTP: - iresult = SctpAlias(la, pip, SN_TO_GLOBAL); + iresult = SctpAlias(la, pip, SN_TO_GLOBAL); break; #endif case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, IP, la, pip, &ad); if (error == 0) - iresult = PKT_ALIAS_OK; - else + iresult = PKT_ALIAS_OK; + else iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); + break; } - break; default: iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); @@ -1550,8 +1546,9 @@ } int -LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ - int maxpacketsize /* for error checking */ +LibAliasUnaliasOut(struct libalias *la, + void *ptr, /* valid IP packet */ + int maxpacketsize /* for error checking */ ) { struct ip *pip; @@ -1623,7 +1620,6 @@ tc->th_sport = original_port; iresult = PKT_ALIAS_OK; - } else if (pip->ip_p == IPPROTO_ICMP) { int accumulate; struct in_addr original_address; @@ -1653,7 +1649,6 @@ getout: LIBALIAS_UNLOCK(la); return (iresult); - } #ifndef _KERNEL @@ -1673,8 +1668,8 @@ for (;;) { fgets(buf, 256, fd); - if (feof(fd)) - break; + if (feof(fd)) + break; len = strlen(buf); if (len > 1) { for (i = 0; i < len; i++) @@ -1696,20 +1691,20 @@ struct dll *t; void *handle; struct proto_handler *m; - const char *error; + const char *error; moduledata_t *p; - handle = dlopen (path, RTLD_LAZY); - if (!handle) { + handle = dlopen (path, RTLD_LAZY); + if (!handle) { fprintf(stderr, "%s\n", dlerror()); return (EINVAL); - } + } p = dlsym(handle, "alias_mod"); - if ((error = dlerror()) != NULL) { + if ((error = dlerror()) != NULL) { fprintf(stderr, "%s\n", dlerror()); return (EINVAL); - } + } t = malloc(sizeof(struct dll)); if (t == NULL) @@ -1722,8 +1717,8 @@ return (EEXIST); } - m = dlsym(t->handle, "handlers"); - if ((error = dlerror()) != NULL) { + m = dlsym(t->handle, "handlers"); + if ((error = dlerror()) != NULL) { fprintf(stderr, "%s\n", error); return (EINVAL); } @@ -1739,10 +1734,10 @@ struct proto_handler *p; /* Unload all modules then reload everything. */ - while ((p = first_handler()) != NULL) { + while ((p = first_handler()) != NULL) { LibAliasDetachHandlers(p); } - while ((t = walk_dll_chain()) != NULL) { + while ((t = walk_dll_chain()) != NULL) { dlclose(t->handle); free(t); } diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -158,13 +158,13 @@ #include #include #include -#include +#include #endif #include #include -#ifdef _KERNEL +#ifdef _KERNEL #include #include #include @@ -175,7 +175,7 @@ #include "alias_mod.h" #endif -static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); +static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); /* Constants (note: constants are also defined @@ -251,41 +251,45 @@ port and link type. */ -struct ack_data_record { /* used to save changes to ACK/sequence - * numbers */ +/* used to save changes to ACK/sequence numbers */ +struct ack_data_record { u_long ack_old; u_long ack_new; int delta; int active; }; -struct tcp_state { /* Information about TCP connection */ - int in; /* State for outside -> inside */ - int out; /* State for inside -> outside */ - int index; /* Index to ACK data array */ - int ack_modified; /* Indicates whether ACK and - * sequence numbers */ - /* been modified */ +/* Information about TCP connection */ +struct tcp_state { + int in; /* State for outside -> inside */ + int out; /* State for inside -> outside */ + int index; /* Index to ACK data array */ + /* Indicates whether ACK and sequence numbers been modified */ + int ack_modified; }; -#define N_LINK_TCP_DATA 3 /* Number of distinct ACK number changes - * saved for a modified TCP stream */ +/* Number of distinct ACK number changes + * saved for a modified TCP stream */ +#define N_LINK_TCP_DATA 3 struct tcp_dat { struct tcp_state state; struct ack_data_record ack[N_LINK_TCP_DATA]; - int fwhole; /* Which firewall record is used for this - * hole? */ + /* Which firewall record is used for this hole? */ + int fwhole; }; -struct server { /* LSNAT server pool (circular list) */ +/* LSNAT server pool (circular list) */ +struct server { struct in_addr addr; u_short port; struct server *next; }; -struct alias_link { /* Main data structure */ +/* Main data structure */ +struct alias_link { struct libalias *la; - struct in_addr src_addr; /* Address and port information */ + /* Address and port information */ + struct in_addr src_addr; struct in_addr dst_addr; struct in_addr alias_addr; struct in_addr proxy_addr; @@ -294,10 +298,8 @@ u_short alias_port; u_short proxy_port; struct server *server; - - int link_type; /* Type of link: TCP, UDP, ICMP, - * proto, frag */ - + /* Type of link: TCP, UDP, ICMP, proto, frag */ + int link_type; /* values for link_type */ #define LINK_ICMP IPPROTO_ICMP #define LINK_UDP IPPROTO_UDP @@ -307,9 +309,8 @@ #define LINK_ADDR (IPPROTO_MAX + 3) #define LINK_PPTP (IPPROTO_MAX + 4) - int flags; /* indicates special characteristics */ + int flags; /* indicates special characteristics */ int pflags; /* protocol-specific flags */ - /* flag bits */ #define LINK_UNKNOWN_DEST_PORT 0x01 #define LINK_UNKNOWN_DEST_ADDR 0x02 @@ -317,28 +318,27 @@ #define LINK_PARTIALLY_SPECIFIED 0x03 /* logical-or of first two bits */ #define LINK_UNFIREWALLED 0x08 - int timestamp; /* Time link was last accessed */ - int expire_time; /* Expire time for link */ -#ifndef NO_USE_SOCKETS - int sockfd; /* socket descriptor */ + int timestamp; /* Time link was last accessed */ + int expire_time; /* Expire time for link */ +#ifndef NO_USE_SOCKETS + int sockfd; /* socket descriptor */ #endif - LIST_ENTRY (alias_link) list_out; /* Linked list of - * pointers for */ - LIST_ENTRY (alias_link) list_in; /* input and output - * lookup tables */ - - union { /* Auxiliary data */ + /* Linked list of pointers for input and output lookup tables */ + LIST_ENTRY (alias_link) list_out; + LIST_ENTRY (alias_link) list_in; + /* Auxiliary data */ + union { char *frag_ptr; struct in_addr frag_addr; struct tcp_dat *tcp; - } data; + } data; }; /* Clean up procedure. */ static void finishoff(void); /* Kernel module definition. */ -#ifdef _KERNEL +#ifdef _KERNEL MALLOC_DEFINE(M_ALIAS, "libalias", "packet aliasing"); MODULE_VERSION(libalias, 1); @@ -346,11 +346,10 @@ static int alias_mod_handler(module_t mod, int type, void *data) { - switch (type) { case MOD_QUIESCE: case MOD_UNLOAD: - finishoff(); + finishoff(); case MOD_LOAD: return (0); default: @@ -400,9 +399,9 @@ static int InitPacketAliasLog(struct libalias *); static void UninitPacketAliasLog(struct libalias *); -void SctpShowAliasStats(struct libalias *la); +void SctpShowAliasStats(struct libalias *la); -static u_int +static u_int StartPointIn(struct in_addr alias_addr, u_short alias_port, int link_type) @@ -416,7 +415,7 @@ return (n % LINK_TABLE_IN_SIZE); } -static u_int +static u_int StartPointOut(struct in_addr src_addr, struct in_addr dst_addr, u_short src_port, u_short dst_port, int link_type) { @@ -436,21 +435,17 @@ static int SeqDiff(u_long x, u_long y) { -/* Return the difference between two TCP sequence numbers */ - -/* - This function is encapsulated in case there are any unusual - arithmetic conditions that need to be considered. -*/ - +/* Return the difference between two TCP sequence numbers + * This function is encapsulated in case there are any unusual + * arithmetic conditions that need to be considered. + */ return (ntohl(y) - ntohl(x)); } #ifdef _KERNEL - static void AliasLog(char *str, const char *format, ...) -{ +{ va_list ap; va_start(ap, format); @@ -473,35 +468,34 @@ static void ShowAliasStats(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); -/* Used for debugging */ + /* Used for debugging */ if (la->logDesc) { - int tot = la->icmpLinkCount + la->udpLinkCount + - (la->sctpLinkCount>>1) + /* sctp counts half associations */ - la->tcpLinkCount + la->pptpLinkCount + - la->protoLinkCount + la->fragmentIdLinkCount + - la->fragmentPtrLinkCount; - + int tot = la->icmpLinkCount + la->udpLinkCount + + (la->sctpLinkCount>>1) + /* sctp counts half associations */ + la->tcpLinkCount + la->pptpLinkCount + + la->protoLinkCount + la->fragmentIdLinkCount + + la->fragmentPtrLinkCount; + AliasLog(la->logDesc, - "icmp=%u, udp=%u, tcp=%u, sctp=%u, pptp=%u, proto=%u, frag_id=%u frag_ptr=%u / tot=%u", - la->icmpLinkCount, - la->udpLinkCount, - la->tcpLinkCount, - la->sctpLinkCount>>1, /* sctp counts half associations */ - la->pptpLinkCount, - la->protoLinkCount, - la->fragmentIdLinkCount, - la->fragmentPtrLinkCount, tot); + "icmp=%u, udp=%u, tcp=%u, sctp=%u, pptp=%u, proto=%u, frag_id=%u frag_ptr=%u / tot=%u", + la->icmpLinkCount, + la->udpLinkCount, + la->tcpLinkCount, + la->sctpLinkCount>>1, /* sctp counts half associations */ + la->pptpLinkCount, + la->protoLinkCount, + la->fragmentIdLinkCount, + la->fragmentPtrLinkCount, + tot); #ifndef _KERNEL - AliasLog(la->logDesc, " (sock=%u)\n", la->sockCount); + AliasLog(la->logDesc, " (sock=%u)\n", la->sockCount); #endif } } void SctpShowAliasStats(struct libalias *la) { - ShowAliasStats(la); } @@ -528,13 +522,11 @@ /* Local prototypes */ static int GetNewPort(struct libalias *, struct alias_link *, int); -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS static u_short GetSocket(struct libalias *, u_short, int *, int); #endif static void CleanupAliasData(struct libalias *); - static void IncrementalCleanup(struct libalias *); - static void DeleteLink(struct alias_link *); static struct alias_link * @@ -543,10 +535,10 @@ u_short, u_short, int, int); static struct alias_link * - FindLinkOut (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); +FindLinkOut(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); static struct alias_link * - FindLinkIn (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); +FindLinkIn(struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); #define ALIAS_PORT_BASE 0x08000 #define ALIAS_PORT_MASK 0x07fff @@ -569,16 +561,15 @@ u_short port_net; LIBALIAS_LOCK_ASSERT(la); -/* - Description of alias_port_param for GetNewPort(). When - this parameter is zero or positive, it precisely specifies - the port number. GetNewPort() will return this number - without check that it is in use. - - When this parameter is GET_ALIAS_PORT, it indicates to get a randomly - selected port number. -*/ + /* + * Description of alias_port_param for GetNewPort(). When + * this parameter is zero or positive, it precisely specifies + * the port number. GetNewPort() will return this number + * without check that it is in use. + * When this parameter is GET_ALIAS_PORT, it indicates to get + * a randomly selected port number. + */ if (alias_port_param == GET_ALIAS_PORT) { /* * The aliasing port is automatically selected by one of @@ -617,7 +608,7 @@ return (-1); } -/* Port number search */ + /* Port number search */ for (i = 0; i < max_trials; i++) { int go_ahead; struct alias_link *search_result; @@ -635,7 +626,7 @@ go_ahead = 0; if (go_ahead) { -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS if ((la->packetAliasMode & PKT_ALIAS_USE_SOCKETS) && (lnk->flags & LINK_PARTIALLY_SPECIFIED) && ((lnk->link_type == LINK_TCP) || @@ -648,7 +639,7 @@ #endif lnk->alias_port = port_net; return (0); -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS } #endif } @@ -671,7 +662,7 @@ return (-1); } -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS static u_short GetSocket(struct libalias *la, u_short port_net, int *sockfd, int link_type) { @@ -779,7 +770,7 @@ port_sys += ALIAS_PORT_BASE; } -/* Port number search */ + /* Port number search */ for (i = 0; i < max_trials; i++) { struct alias_link *search_result; @@ -851,16 +842,16 @@ struct libalias *la = lnk->la; LIBALIAS_LOCK_ASSERT(la); -/* Don't do anything if the link is marked permanent */ + /* Don't do anything if the link is marked permanent */ if (la->deleteAllLinks == 0 && lnk->flags & LINK_PERMANENT) return; #ifndef NO_FW_PUNCH -/* Delete associated firewall hole, if any */ + /* Delete associated firewall hole, if any */ ClearFWHole(lnk); #endif -/* Free memory allocated for LSNAT server pool */ + /* Free memory allocated for LSNAT server pool */ if (lnk->server != NULL) { struct server *head, *curr, *next; @@ -870,19 +861,19 @@ free(curr); } while ((curr = next) != head); } -/* Adjust output table pointers */ + /* Adjust output table pointers */ LIST_REMOVE(lnk, list_out); -/* Adjust input table pointers */ + /* Adjust input table pointers */ LIST_REMOVE(lnk, list_in); -#ifndef NO_USE_SOCKETS -/* Close socket, if one has been allocated */ +#ifndef NO_USE_SOCKETS + /* Close socket, if one has been allocated */ if (lnk->sockfd != -1) { la->sockCount--; close(lnk->sockfd); } #endif -/* Link-type dependent cleanup */ + /* Link-type dependent cleanup */ switch (lnk->link_type) { case LINK_ICMP: la->icmpLinkCount--; @@ -912,10 +903,10 @@ break; } -/* Free memory */ + /* Free memory */ free(lnk); -/* Write statistics, if logging enabled */ + /* Write statistics, if logging enabled */ if (la->packetAliasMode & PKT_ALIAS_LOG) { ShowAliasStats(la); } @@ -943,7 +934,7 @@ lnk->proxy_port = 0; lnk->server = NULL; lnk->link_type = link_type; -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS lnk->sockfd = -1; #endif lnk->flags = 0; @@ -1057,6 +1048,10 @@ return (lnk); } +/* + * If alias_port_param is less than zero, alias port will be automatically + * chosen. If greater than zero, equal to alias port + */ static struct alias_link * ReLink(struct alias_link *old_lnk, struct in_addr src_addr, @@ -1064,11 +1059,10 @@ struct in_addr alias_addr, u_short src_port, u_short dst_port, - int alias_port_param, /* if less than zero, alias */ + int alias_port_param, int link_type) -{ /* port will be automatically *//* chosen. - * If greater than */ - struct alias_link *new_lnk; /* zero, equal to alias port */ +{ + struct alias_link *new_lnk; struct libalias *la = old_lnk->la; LIBALIAS_LOCK_ASSERT(la); @@ -1111,7 +1105,7 @@ } } -/* Search for partially specified links. */ + /* Search for partially specified links. */ if (lnk == NULL && replace_partial_links) { if (dst_port != 0 && dst_addr.s_addr != INADDR_ANY) { lnk = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, @@ -1182,22 +1176,21 @@ struct alias_link *lnk_unknown_dst_port; LIBALIAS_LOCK_ASSERT(la); -/* Initialize pointers */ + /* Initialize pointers */ lnk_fully_specified = NULL; lnk_unknown_all = NULL; lnk_unknown_dst_addr = NULL; lnk_unknown_dst_port = NULL; -/* If either the dest addr or port is unknown, the search - loop will have to know about this. */ - + /* If either the dest addr or port is unknown, the search + * loop will have to know about this. */ flags_in = 0; if (dst_addr.s_addr == INADDR_ANY) flags_in |= LINK_UNKNOWN_DEST_ADDR; if (dst_port == 0) flags_in |= LINK_UNKNOWN_DEST_PORT; -/* Search loop */ + /* Search loop */ start_point = StartPointIn(alias_addr, alias_port, link_type); LIST_FOREACH(lnk, &la->linkTableIn[start_point], list_in) { int flags; @@ -1266,9 +1259,9 @@ } if (link_type == LINK_SCTP) { - lnk->src_addr = src_addr; - lnk->src_port = src_port; - return(lnk); + lnk->src_addr = src_addr; + lnk->src_port = src_port; + return (lnk); } lnk = ReLink(lnk, src_addr, dst_addr, alias_addr, @@ -1390,13 +1383,11 @@ return (lnk); } +/* Doesn't add a link if one is not found. */ struct alias_link * -FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if - * one */ - struct in_addr alias_addr, /* is not found. */ - u_short ip_id) +FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, + struct in_addr alias_addr, u_short ip_id) { - LIBALIAS_LOCK_ASSERT(la); return FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, ip_id, @@ -1407,7 +1398,6 @@ AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { - LIBALIAS_LOCK_ASSERT(la); return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, NO_SRC_PORT, NO_DEST_PORT, ip_id, @@ -1418,7 +1408,6 @@ FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { - LIBALIAS_LOCK_ASSERT(la); return FindLinkIn(la, dst_addr, la->nullAddress, NO_DEST_PORT, ip_id, @@ -1574,11 +1563,11 @@ LIBALIAS_LOCK_ASSERT(la); i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); LIST_FOREACH(lnk, &la->linkTableOut[i], list_out) - if (lnk->link_type == LINK_PPTP && - lnk->src_addr.s_addr == src_addr.s_addr && - lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->src_port == src_call_id) - break; + if (lnk->link_type == LINK_PPTP && + lnk->src_addr.s_addr == src_addr.s_addr && + lnk->dst_addr.s_addr == dst_addr.s_addr && + lnk->src_port == src_call_id) + break; return (lnk); } @@ -1594,11 +1583,11 @@ LIBALIAS_LOCK_ASSERT(la); i = StartPointOut(src_addr, dst_addr, 0, 0, LINK_PPTP); LIST_FOREACH(lnk, &la->linkTableOut[i], list_out) - if (lnk->link_type == LINK_PPTP && - lnk->src_addr.s_addr == src_addr.s_addr && - lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->dst_port == dst_call_id) - break; + if (lnk->link_type == LINK_PPTP && + lnk->src_addr.s_addr == src_addr.s_addr && + lnk->dst_addr.s_addr == dst_addr.s_addr && + lnk->dst_port == dst_call_id) + break; return (lnk); } @@ -1614,11 +1603,11 @@ LIBALIAS_LOCK_ASSERT(la); i = StartPointIn(alias_addr, 0, LINK_PPTP); LIST_FOREACH(lnk, &la->linkTableIn[i], list_in) - if (lnk->link_type == LINK_PPTP && - lnk->dst_addr.s_addr == dst_addr.s_addr && - lnk->alias_addr.s_addr == alias_addr.s_addr && - lnk->dst_port == dst_call_id) - break; + if (lnk->link_type == LINK_PPTP && + lnk->dst_addr.s_addr == dst_addr.s_addr && + lnk->alias_addr.s_addr == alias_addr.s_addr && + lnk->dst_port == dst_call_id) + break; return (lnk); } @@ -1780,7 +1769,7 @@ lnk->expire_time = TCP_EXPIRE_CONNECTED; break; default: -#ifdef _KERNEL +#ifdef _KERNEL panic("libalias:SetStateIn() unknown state"); #else abort(); @@ -1805,7 +1794,7 @@ lnk->expire_time = TCP_EXPIRE_CONNECTED; break; default: -#ifdef _KERNEL +#ifdef _KERNEL panic("libalias:SetStateOut() unknown state"); #else abort(); @@ -1855,7 +1844,6 @@ struct in_addr GetDefaultAliasAddress(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); return (la->aliasAddress); } @@ -1863,7 +1851,6 @@ void SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr) { - LIBALIAS_LOCK_ASSERT(la); la->aliasAddress = alias_addr; } @@ -1881,7 +1868,7 @@ } #ifndef NO_FW_PUNCH -static u_short +static u_short GetDestPort(struct alias_link *lnk) { return (lnk->dst_port); @@ -1889,10 +1876,10 @@ #endif +/* Indicate that ACK numbers have been modified in a TCP connection */ void SetAckModified(struct alias_link *lnk) { -/* Indicate that ACK numbers have been modified in a TCP connection */ lnk->data.tcp->state.ack_modified = 1; } @@ -1920,23 +1907,22 @@ lnk->proxy_port = port; } +/* See if ACK numbers have been modified */ int GetAckModified(struct alias_link *lnk) { -/* See if ACK numbers have been modified */ return (lnk->data.tcp->state.ack_modified); } +/* + * Find out how much the ACK number has been altered for an + * incoming TCP packet. To do this, a circular list of ACK + * numbers where the TCP packet size was altered is searched. + */ // XXX ip free int GetDeltaAckIn(u_long ack, struct alias_link *lnk) { -/* -Find out how much the ACK number has been altered for an incoming -TCP packet. To do this, a circular list of ACK numbers where the TCP -packet size was altered is searched. -*/ - int i, j; int delta, ack_diff_min; @@ -1970,16 +1956,15 @@ return (delta); } +/* + * Find out how much the sequence number has been altered for an + * outgoing TCP packet. To do this, a circular list of ACK numbers + * where the TCP packet size was altered is searched. + */ // XXX ip free int GetDeltaSeqOut(u_long seq, struct alias_link *lnk) { -/* -Find out how much the sequence number has been altered for an outgoing -TCP packet. To do this, a circular list of ACK numbers where the TCP -packet size was altered is searched. -*/ - int i, j; int delta, seq_diff_min; @@ -2013,17 +1998,16 @@ return (delta); } +/* + * When a TCP packet has been altered in length, save this + * information in a circular list. If enough packets have been + * altered, then this list will begin to overwrite itself. + */ // XXX ip free void -AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, +AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, u_long th_seq, u_int th_off) { -/* -When a TCP packet has been altered in length, save this -information in a circular list. If enough packets have -been altered, then this list will begin to overwrite itself. -*/ - struct ack_data_record x; int hlen, tlen, dlen; int i; @@ -2068,7 +2052,6 @@ void ClearCheckNewLink(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); la->newDefaultLink = 0; } @@ -2076,14 +2059,12 @@ void SetProtocolFlags(struct alias_link *lnk, int pflags) { - lnk->pflags = pflags; } int GetProtocolFlags(struct alias_link *lnk) { - return (lnk->pflags); } @@ -2119,7 +2100,7 @@ HouseKeeping(struct libalias *la) { int i, n; -#ifndef _KERNEL +#ifndef _KERNEL struct timeval tv; #endif @@ -2129,7 +2110,7 @@ * by other functions. This is done so as not to unnecessarily * waste timeline by making system calls. */ -#ifdef _KERNEL +#ifdef _KERNEL la->timeStamp = time_uptime; #else gettimeofday(&tv, NULL); @@ -2160,17 +2141,16 @@ static int InitPacketAliasLog(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); if (~la->packetAliasMode & PKT_ALIAS_LOG) { #ifdef _KERNEL if ((la->logDesc = malloc(LIBALIAS_BUF_SIZE))) ; -#else +#else if ((la->logDesc = fopen("/var/log/alias.log", "w"))) - fprintf(la->logDesc, "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); + fprintf(la->logDesc, "PacketAlias/InitPacketAliasLog: Packet alias logging enabled.\n"); #endif - else + else return (ENOMEM); /* log initialization failed */ la->packetAliasMode |= PKT_ALIAS_LOG; } @@ -2182,7 +2162,6 @@ static void UninitPacketAliasLog(struct libalias *la) { - LIBALIAS_LOCK_ASSERT(la); if (la->logDesc) { #ifdef _KERNEL @@ -2287,7 +2266,8 @@ else { struct server *s; - for (s = head; s->next != head; s = s->next); + for (s = head; s->next != head; s = s->next) + ; s->next = server; server->next = head; } @@ -2374,12 +2354,11 @@ return (res); } +/* This is a dangerous function to put in the API, + because an invalid pointer can crash the program. */ void LibAliasRedirectDelete(struct libalias *la, struct alias_link *lnk) { -/* This is a dangerous function to put in the API, - because an invalid pointer can crash the program. */ - LIBALIAS_LOCK(la); la->deleteAllLinks = 1; DeleteLink(lnk); @@ -2390,7 +2369,6 @@ void LibAliasSetAddress(struct libalias *la, struct in_addr addr) { - LIBALIAS_LOCK(la); if (la->packetAliasMode & PKT_ALIAS_RESET_ON_ADDR_CHANGE && la->aliasAddress.s_addr != addr.s_addr) @@ -2400,12 +2378,10 @@ LIBALIAS_UNLOCK(la); } - void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_high) { - LIBALIAS_LOCK(la); la->aliasPortLower = port_low; /* Add 1 to the aliasPortLength as modulo has range of 1 to n-1 */ @@ -2416,7 +2392,6 @@ void LibAliasSetTarget(struct libalias *la, struct in_addr target_addr) { - LIBALIAS_LOCK(la); la->targetAddress = target_addr; LIBALIAS_UNLOCK(la); @@ -2425,7 +2400,6 @@ static void finishoff(void) { - while (!LIST_EMPTY(&instancehead)) LibAliasUninit(LIST_FIRST(&instancehead)); } @@ -2434,7 +2408,7 @@ LibAliasInit(struct libalias *la) { int i; -#ifndef _KERNEL +#ifndef _KERNEL struct timeval tv; #endif @@ -2448,13 +2422,14 @@ return (la); #endif -#ifndef _KERNEL /* kernel cleans up on module unload */ +#ifndef _KERNEL + /* kernel cleans up on module unload */ if (LIST_EMPTY(&instancehead)) atexit(finishoff); #endif LIST_INSERT_HEAD(&instancehead, la, instancelist); -#ifdef _KERNEL +#ifdef _KERNEL la->timeStamp = time_uptime; la->lastCleanupTime = time_uptime; #else @@ -2499,7 +2474,7 @@ la->cleanupIndex = 0; la->packetAliasMode = PKT_ALIAS_SAME_PORTS -#ifndef NO_USE_SOCKETS +#ifndef NO_USE_SOCKETS | PKT_ALIAS_USE_SOCKETS #endif | PKT_ALIAS_RESET_ON_ADDR_CHANGE; @@ -2516,7 +2491,6 @@ void LibAliasUninit(struct libalias *la) { - LIBALIAS_LOCK(la); #ifdef _KERNEL AliasSctpTerm(la); @@ -2546,28 +2520,24 @@ int res = -1; LIBALIAS_LOCK(la); -/* Enable logging? */ if (flags & mask & PKT_ALIAS_LOG) { - /* Do the enable */ + /* Enable logging */ if (InitPacketAliasLog(la) == ENOMEM) goto getout; - } else -/* _Disable_ logging? */ - if (~flags & mask & PKT_ALIAS_LOG) { + } else if (~flags & mask & PKT_ALIAS_LOG) + /* _Disable_ logging */ UninitPacketAliasLog(la); - } + #ifndef NO_FW_PUNCH -/* Start punching holes in the firewall? */ - if (flags & mask & PKT_ALIAS_PUNCH_FW) { + if (flags & mask & PKT_ALIAS_PUNCH_FW) + /* Start punching holes in the firewall? */ InitPunchFW(la); - } else -/* Stop punching holes in the firewall? */ - if (~flags & mask & PKT_ALIAS_PUNCH_FW) { + else if (~flags & mask & PKT_ALIAS_PUNCH_FW) + /* Stop punching holes in the firewall? */ UninitPunchFW(la); - } #endif -/* Other flags can be set/cleared without special action */ + /* Other flags can be set/cleared without special action */ la->packetAliasMode = (flags & mask) | (la->packetAliasMode & ~mask); res = la->packetAliasMode; getout: @@ -2629,7 +2599,7 @@ static ipfw_insn * fill_ip(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int32_t addr) { - ipfw_insn_ip *cmd = (ipfw_insn_ip *) cmd1; + ipfw_insn_ip *cmd = (ipfw_insn_ip *)cmd1; cmd->addr.s_addr = addr; return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u32), 0, 0); @@ -2638,7 +2608,7 @@ static ipfw_insn * fill_one_port(ipfw_insn * cmd1, enum ipfw_opcodes opcode, u_int16_t port) { - ipfw_insn_u16 *cmd = (ipfw_insn_u16 *) cmd1; + ipfw_insn_u16 *cmd = (ipfw_insn_u16 *)cmd1; cmd->ports[0] = cmd->ports[1] = port; return fill_cmd(cmd1, opcode, F_INSN_SIZE(ipfw_insn_u16), 0, 0); @@ -2650,7 +2620,7 @@ struct in_addr sa, u_int16_t sp, struct in_addr da, u_int16_t dp) { struct ip_fw *rule = (struct ip_fw *)buf; - ipfw_insn *cmd = (ipfw_insn *) rule->cmd; + ipfw_insn *cmd = (ipfw_insn *)rule->cmd; bzero(buf, bufsize); rule->rulenum = rulenum; @@ -2661,24 +2631,24 @@ cmd = fill_ip(cmd, O_IP_DST, da.s_addr); cmd = fill_one_port(cmd, O_IP_DSTPORT, dp); - rule->act_ofs = (u_int32_t *) cmd - (u_int32_t *) rule->cmd; + rule->act_ofs = (u_int32_t *)cmd - (u_int32_t *)rule->cmd; cmd = fill_cmd(cmd, action, F_INSN_SIZE(ipfw_insn), 0, 0); - rule->cmd_len = (u_int32_t *) cmd - (u_int32_t *) rule->cmd; + rule->cmd_len = (u_int32_t *)cmd - (u_int32_t *)rule->cmd; return ((char *)cmd - (char *)buf); } -static void ClearAllFWHoles(struct libalias *la); +static void ClearAllFWHoles(struct libalias *la); -#define fw_setfield(la, field, num) \ -do { \ - (field)[(num) - la->fireWallBaseNum] = 1; \ +#define fw_setfield(la, field, num) \ +do { \ + (field)[(num) - la->fireWallBaseNum] = 1; \ } /*lint -save -e717 */ while(0)/* lint -restore */ -#define fw_clrfield(la, field, num) \ -do { \ - (field)[(num) - la->fireWallBaseNum] = 0; \ +#define fw_clrfield(la, field, num) \ +do { \ + (field)[(num) - la->fireWallBaseNum] = 0; \ } /*lint -save -e717 */ while(0)/* lint -restore */ #define fw_tstfield(la, field, num) ((field)[(num) - la->fireWallBaseNum]) @@ -2686,7 +2656,6 @@ static void InitPunchFW(struct libalias *la) { - la->fireWallField = malloc(la->fireWallNumNums); if (la->fireWallField) { memset(la->fireWallField, 0, la->fireWallNumNums); @@ -2701,7 +2670,6 @@ static void UninitPunchFW(struct libalias *la) { - ClearAllFWHoles(la); if (la->fireWallFD >= 0) close(la->fireWallFD); @@ -2723,7 +2691,7 @@ la = lnk->la; -/* Don't do anything unless we are asked to */ + /* Don't do anything unless we are asked to */ if (!(la->packetAliasMode & PKT_ALIAS_PUNCH_FW) || la->fireWallFD < 0 || lnk->link_type != LINK_TCP) @@ -2731,7 +2699,7 @@ memset(&rule, 0, sizeof rule); -/** Build rule **/ + /** Build rule **/ /* Find empty slot */ for (fwhole = la->fireWallActiveNum; @@ -2782,7 +2750,7 @@ err(1, "alias punch inbound(2) setsockopt(IP_FW_ADD)"); } -/* Indicate hole applied */ + /* Indicate hole applied */ lnk->data.tcp->fwhole = fwhole; fw_setfield(la, la->fireWallField, fwhole); } @@ -2796,8 +2764,7 @@ la = lnk->la; if (lnk->link_type == LINK_TCP) { - int fwhole = lnk->data.tcp->fwhole; /* Where is the firewall - * hole? */ + int fwhole = lnk->data.tcp->fwhole; /* Where is the firewall hole? */ struct ip_fw rule; if (fwhole < 0) @@ -2836,7 +2803,6 @@ void LibAliasSetFWBase(struct libalias *la, unsigned int base, unsigned int num) { - LIBALIAS_LOCK(la); #ifndef NO_FW_PUNCH la->fireWallBaseNum = base; @@ -2848,7 +2814,6 @@ void LibAliasSetSkinnyPort(struct libalias *la, unsigned int port) { - LIBALIAS_LOCK(la); la->skinnyPort = port; LIBALIAS_UNLOCK(la); @@ -2867,16 +2832,19 @@ lnk = FindLinkIn(la, sm->ip_hdr->ip_src, sm->ip_hdr->ip_dst, sm->sctp_hdr->dest_port,sm->sctp_hdr->dest_port, LINK_SCTP, 1); if (lnk != NULL) { - return(lnk->src_addr); /* port redirect */ + /* port redirect */ + return (lnk->src_addr); } else { redir = FindOriginalAddress(la,sm->ip_hdr->ip_dst); if (redir.s_addr == la->aliasAddress.s_addr || - redir.s_addr == la->targetAddress.s_addr) { /* No address found */ + redir.s_addr == la->targetAddress.s_addr) { + /* No address found */ lnk = FindLinkIn(la, sm->ip_hdr->ip_src, sm->ip_hdr->ip_dst, NO_DEST_PORT, 0, LINK_SCTP, 1); if (lnk != NULL) - return(lnk->src_addr); /* redirect proto */ + /* redirect proto */ + return (lnk->src_addr); } - return(redir); /* address redirect */ + return (redir); /* address redirect */ } } diff --git a/sys/netinet/libalias/alias_dummy.c b/sys/netinet/libalias/alias_dummy.c --- a/sys/netinet/libalias/alias_dummy.c +++ b/sys/netinet/libalias/alias_dummy.c @@ -64,22 +64,20 @@ static int fingerprint(struct libalias *la, struct alias_data *ah) { - /* * Check here all the data that will be used later, if any field * is empy/NULL, return a -1 value. */ if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || - ah->maxpktsize == 0) + ah->maxpktsize == 0) return (-1); /* * Fingerprint the incoming packet, if it matches any conditions * return an OK value. */ - if (ntohs(*ah->dport) == 123 - || ntohs(*ah->sport) == 456) - return (0); /* I know how to handle it. */ - return (-1); /* I don't recognize this packet. */ + if (ntohs(*ah->dport) == 123 || ntohs(*ah->sport) == 456) + return (0); /* I know how to handle it. */ + return (-1); /* I don't recognize this packet. */ } /* @@ -90,7 +88,6 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleDummy(la, pip, ah); return (0); } @@ -119,7 +116,7 @@ { int error; - switch (type) { + switch (type) { case MOD_LOAD: error = 0; LibAliasAttachHandlers(handlers); @@ -141,7 +138,7 @@ "alias_dummy", mod_handler, NULL }; -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_dummy, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_dummy, 1); MODULE_DEPEND(alias_dummy, libalias, 1, 1, 1); diff --git a/sys/netinet/libalias/alias_ftp.c b/sys/netinet/libalias/alias_ftp.c --- a/sys/netinet/libalias/alias_ftp.c +++ b/sys/netinet/libalias/alias_ftp.c @@ -109,7 +109,6 @@ static int fingerprint_out(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->maxpktsize == 0) return (-1); @@ -122,7 +121,6 @@ static int fingerprint_in(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL) return (-1); if (ntohs(*ah->dport) == FTP_CONTROL_PORT_NUMBER || @@ -134,7 +132,6 @@ static int protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleFtpOut(la, pip, ah->lnk, ah->maxpktsize); return (0); } @@ -142,7 +139,6 @@ static int protohandler_in(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleFtpIn(la, pip, ah->lnk); return (0); } @@ -170,7 +166,7 @@ { int error; - switch (type) { + switch (type) { case MOD_LOAD: error = 0; LibAliasAttachHandlers(handlers); @@ -192,7 +188,7 @@ "alias_ftp", mod_handler, NULL }; -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_ftp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_ftp, 1); MODULE_DEPEND(alias_ftp, libalias, 1, 1, 1); @@ -224,43 +220,39 @@ struct ip *pip, /* IP packet to examine/patch */ struct alias_link *lnk, /* The link to go through (aliased port) */ int maxpacketsize /* The maximum size this packet can grow to - (including headers) */ ) + (including headers) */ ) { int hlen, tlen, dlen, pflags; char *sptr; struct tcphdr *tc; int ftp_message_type; -/* Calculate data length of TCP packet */ + /* Calculate data length of TCP packet */ tc = (struct tcphdr *)ip_next(pip); hlen = (pip->ip_hl + tc->th_off) << 2; tlen = ntohs(pip->ip_len); dlen = tlen - hlen; -/* Place string pointer and beginning of data */ + /* Place string pointer and beginning of data */ sptr = (char *)pip; sptr += hlen; -/* - * Check that data length is not too long and previous message was - * properly terminated with CRLF. - */ + /* + * Check that data length is not too long and previous message was + * properly terminated with CRLF. + */ pflags = GetProtocolFlags(lnk); if (dlen <= MAX_MESSAGE_SIZE && !(pflags & WAIT_CRLF)) { ftp_message_type = FTP_UNKNOWN_MESSAGE; if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER) { -/* - * When aliasing a client, check for the PORT/EPRT command. - */ + /* When aliasing a client, check for the PORT/EPRT command. */ if (ParseFtpPortCommand(la, sptr, dlen)) ftp_message_type = FTP_PORT_COMMAND; else if (ParseFtpEprtCommand(la, sptr, dlen)) ftp_message_type = FTP_EPRT_COMMAND; } else { -/* - * When aliasing a server, check for the 227/229 reply. - */ + /* When aliasing a server, check for the 227/229 reply. */ if (ParseFtp227Reply(la, sptr, dlen)) ftp_message_type = FTP_227_REPLY; else if (ParseFtp229Reply(la, sptr, dlen)) { @@ -272,12 +264,11 @@ if (ftp_message_type != FTP_UNKNOWN_MESSAGE) NewFtpMessage(la, pip, lnk, maxpacketsize, ftp_message_type); } -/* Track the msgs which are CRLF term'd for PORT/PASV FW breach */ - if (dlen) { /* only if there's data */ + /* Track the msgs which are CRLF term'd for PORT/PASV FW breach */ + if (dlen) { /* only if there's data */ sptr = (char *)pip; /* start over at beginning */ - tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may - * have grown */ + tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may have grown */ if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n') pflags &= ~WAIT_CRLF; else @@ -313,7 +304,7 @@ if (dlen <= MAX_MESSAGE_SIZE && (pflags & WAIT_CRLF) == 0 && ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER && (ParseFtpPortCommand(la, sptr, dlen) != 0 || - ParseFtpEprtCommand(la, sptr, dlen) != 0)) { + ParseFtpEprtCommand(la, sptr, dlen) != 0)) { /* * Alias active mode client requesting data from server * behind NAT. We need to alias server->client connection @@ -327,8 +318,7 @@ if (dlen) { sptr = (char *)pip; /* start over at beginning */ tlen = ntohs(pip->ip_len); /* recalc tlen, pkt may - * have grown. - */ + * have grown. */ if (sptr[tlen - 2] == '\r' && sptr[tlen - 1] == '\n') pflags &= ~WAIT_CRLF; else @@ -650,7 +640,7 @@ { struct alias_link *ftp_lnk; -/* Security checks. */ + /* Security checks. */ if (pip->ip_src.s_addr != la->true_addr.s_addr) return; @@ -671,13 +661,13 @@ PunchFWHole(ftp_lnk); #endif -/* Calculate data length of TCP packet */ + /* Calculate data length of TCP packet */ tc = (struct tcphdr *)ip_next(pip); hlen = (pip->ip_hl + tc->th_off) << 2; tlen = ntohs(pip->ip_len); dlen = tlen - hlen; -/* Create new FTP message. */ + /* Create new FTP message. */ { char stemp[MAX_MESSAGE_SIZE + 1]; char *sptr; @@ -686,9 +676,9 @@ int a1, a2, a3, a4, p1, p2; struct in_addr alias_address; -/* Decompose alias address into quad format */ + /* Decompose alias address into quad format */ alias_address = GetAliasAddress(lnk); - ptr = (u_char *) & alias_address.s_addr; + ptr = (u_char *)&alias_address.s_addr; a1 = *ptr++; a2 = *ptr++; a3 = *ptr++; @@ -696,7 +686,7 @@ alias_port = GetAliasPort(ftp_lnk); -/* Prepare new command */ + /* Prepare new command */ switch (ftp_message_type) { case FTP_PORT_COMMAND: case FTP_227_REPLY: @@ -728,27 +718,27 @@ break; } -/* Save string length for IP header modification */ + /* Save string length for IP header modification */ slen = strlen(stemp); -/* Copy modified buffer into IP packet. */ + /* Copy modified buffer into IP packet. */ sptr = (char *)pip; sptr += hlen; strncpy(sptr, stemp, maxpacketsize - hlen); } -/* Save information regarding modified seq and ack numbers */ + /* Save information regarding modified seq and ack numbers */ { int delta; SetAckModified(lnk); - tc = (struct tcphdr *)ip_next(pip); + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); - AddSeq(lnk, delta + slen - dlen, pip->ip_hl, + AddSeq(lnk, delta + slen - dlen, pip->ip_hl, pip->ip_len, tc->th_seq, tc->th_off); } -/* Revise IP header */ + /* Revise IP header */ { u_short new_len; @@ -761,7 +751,7 @@ pip->ip_len = new_len; } -/* Compute TCP checksum for revised packet */ + /* Compute TCP checksum for revised packet */ tc->th_sum = 0; #ifdef _KERNEL tc->th_x2 = 1; diff --git a/sys/netinet/libalias/alias_irc.c b/sys/netinet/libalias/alias_irc.c --- a/sys/netinet/libalias/alias_irc.c +++ b/sys/netinet/libalias/alias_irc.c @@ -91,13 +91,12 @@ #define DBprintf(a) static void -AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *, - int maxpacketsize); +AliasHandleIrcOut(struct libalias *, struct ip *, struct alias_link *, + int maxpacketsize); static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->lnk == NULL || ah->maxpktsize == 0) return (-1); if (ntohs(*ah->dport) == IRC_CONTROL_PORT_NUMBER_1 @@ -109,7 +108,6 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - newpacket = malloc(PKTSIZE); if (newpacket) { AliasHandleIrcOut(la, pip, ah->lnk, ah->maxpktsize); @@ -157,7 +155,7 @@ }; /* Kernel module definition. */ -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_irc, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_irc, 1); MODULE_DEPEND(alias_irc, libalias, 1, 1, 1); @@ -178,7 +176,7 @@ struct tcphdr *tc; int i; /* Iterator through the source */ -/* Calculate data length of TCP packet */ + /* Calculate data length of TCP packet */ tc = (struct tcphdr *)ip_next(pip); hlen = (pip->ip_hl + tc->th_off) << 2; tlen = ntohs(pip->ip_len); @@ -191,7 +189,7 @@ if (dlen < (int)sizeof(":A!a@n.n PRIVMSG A :aDCC 1 1a") - 1) return; -/* Place string pointer at beginning of data */ + /* Place string pointer at beginning of data */ sptr = (char *)pip; sptr += hlen; maxsize -= hlen; /* We're interested in maximum size of @@ -204,7 +202,7 @@ } return; /* No CTCP commands in */ /* Handle CTCP commands - the buffer may have to be copied */ -lFOUND_CTCP: + lFOUND_CTCP: { unsigned int copyat = i; unsigned int iCopy = 0; /* How much data have we written to @@ -213,7 +211,7 @@ unsigned short org_port; /* Original source port * address */ -lCTCP_START: + lCTCP_START: if (i >= dlen || iCopy >= PKTSIZE) goto lPACKET_DONE; newpacket[iCopy++] = sptr[i++]; /* Copy the CTCP start @@ -413,7 +411,7 @@ * has been pushed. Also used to copy the rest of a DCC, * after IP address and port has been handled */ -lBAD_CTCP: + lBAD_CTCP: for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) { newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ if (sptr[i] == '\001') { @@ -422,7 +420,7 @@ } goto lPACKET_DONE; /* Normal text */ -lNORMAL_TEXT: + lNORMAL_TEXT: for (; i < dlen && iCopy < PKTSIZE; i++, iCopy++) { newpacket[iCopy] = sptr[i]; /* Copy CTCP unchanged */ if (sptr[i] == '\001') { @@ -430,16 +428,16 @@ } } /* Handle the end of a packet */ -lPACKET_DONE: + lPACKET_DONE: iCopy = iCopy > maxsize - copyat ? maxsize - copyat : iCopy; memcpy(sptr + copyat, newpacket, iCopy); -/* Save information regarding modified seq and ack numbers */ + /* Save information regarding modified seq and ack numbers */ { int delta; SetAckModified(lnk); - tc = (struct tcphdr *)ip_next(pip); + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); AddSeq(lnk, delta + copyat + iCopy - dlen, pip->ip_hl, pip->ip_len, tc->th_seq, tc->th_off); @@ -469,20 +467,20 @@ } /* Notes: - [Note 1] - The initial search will most often fail; it could be replaced with a 32-bit specific search. - Such a search would be done for 32-bit unsigned value V: - V ^= 0x01010101; (Search is for null bytes) - if( ((V-0x01010101)^V) & 0x80808080 ) { + [Note 1] + The initial search will most often fail; it could be replaced with a 32-bit specific search. + Such a search would be done for 32-bit unsigned value V: + V ^= 0x01010101; (Search is for null bytes) + if( ((V-0x01010101)^V) & 0x80808080 ) { (found a null bytes which was a 01 byte) - } - To assert that the processor is 32-bits, do + } + To assert that the processor is 32-bits, do extern int ircdccar[32]; (32 bits) extern int ircdccar[CHAR_BIT*sizeof(unsigned int)]; - which will generate a type-error on all but 32-bit machines. + which will generate a type-error on all but 32-bit machines. - [Note 2] This routine really ought to be replaced with one that - creates a transparent proxy on the aliasing host, to allow arbitrary - changes in the TCP stream. This should not be too difficult given - this base; I (ee) will try to do this some time later. - */ + [Note 2] This routine really ought to be replaced with one that + creates a transparent proxy on the aliasing host, to allow arbitrary + changes in the TCP stream. This should not be too difficult given + this base; I (ee) will try to do this some time later. +*/ diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h --- a/sys/netinet/libalias/alias_local.h +++ b/sys/netinet/libalias/alias_local.h @@ -66,8 +66,8 @@ #endif /* Sizes of input and output link tables */ -#define LINK_TABLE_OUT_SIZE 4001 -#define LINK_TABLE_IN_SIZE 4001 +#define LINK_TABLE_OUT_SIZE 4001 +#define LINK_TABLE_IN_SIZE 4001 #define GET_ALIAS_PORT -1 #define GET_ALIAS_ID GET_ALIAS_PORT @@ -82,30 +82,21 @@ struct libalias { LIST_ENTRY(libalias) instancelist; - - int packetAliasMode; /* Mode flags */ - /* - documented in alias.h */ - - struct in_addr aliasAddress; /* Address written onto source */ - /* field of IP packet. */ - - struct in_addr targetAddress; /* IP address incoming packets */ - /* are sent to if no aliasing */ - /* link already exists */ - - struct in_addr nullAddress; /* Used as a dummy parameter for */ - /* some function calls */ - - LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; - /* Lookup table of pointers to */ - /* chains of link records. Each */ - - LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; - /* link record is doubly indexed */ - /* into input and output lookup */ - /* tables. */ - - /* Link statistics */ + /* Mode flags documented in alias.h */ + int packetAliasMode; + /* Address written onto source field of IP packet. */ + struct in_addr aliasAddress; + /* IP address incoming packets are sent to + * if no aliasing link already exists */ + struct in_addr targetAddress; + /* Used as a dummy parameter for some function calls */ + struct in_addr nullAddress; + /* Lookup table of pointers to chains of link records. + * Each link record is doubly indexed into input and + * output lookup tables. */ + LIST_HEAD (, alias_link) linkTableOut[LINK_TABLE_OUT_SIZE]; + LIST_HEAD (, alias_link) linkTableIn[LINK_TABLE_IN_SIZE]; + /* Link statistics */ int icmpLinkCount; int udpLinkCount; int tcpLinkCount; @@ -114,49 +105,41 @@ int fragmentIdLinkCount; int fragmentPtrLinkCount; int sockCount; - - int cleanupIndex; /* Index to chain of link table */ - /* being inspected for old links */ - - int timeStamp; /* System time in seconds for */ - /* current packet */ - - int lastCleanupTime; /* Last time - * IncrementalCleanup() */ - /* was called */ - - int deleteAllLinks; /* If equal to zero, DeleteLink() */ - /* will not remove permanent links */ - - /* log descriptor */ -#ifdef _KERNEL - char *logDesc; -#else - FILE *logDesc; + /* Index to chain of link table being inspected for old links */ + int cleanupIndex; + /* System time in seconds for current packet */ + int timeStamp; + /* Last time IncrementalCleanup() was called */ + int lastCleanupTime; + /* If equal to zero, DeleteLink() + * will not remove permanent links */ + int deleteAllLinks; + /* log descriptor */ +#ifdef _KERNEL + char *logDesc; +#else + FILE *logDesc; #endif - /* statistics monitoring */ - - int newDefaultLink; /* Indicates if a new aliasing */ - /* link has been created after a */ - /* call to PacketAliasIn/Out(). */ + /* Indicates if a new aliasing link has been created + * after a call to PacketAliasIn/Out(). */ + int newDefaultLink; #ifndef NO_FW_PUNCH - int fireWallFD; /* File descriptor to be able to */ - /* control firewall. Opened by */ - /* PacketAliasSetMode on first */ - /* setting the PKT_ALIAS_PUNCH_FW */ - /* flag. */ - int fireWallBaseNum; /* The first firewall entry - * free for our use */ - int fireWallNumNums; /* How many entries can we - * use? */ - int fireWallActiveNum; /* Which entry did we last - * use? */ - char *fireWallField; /* bool array for entries */ + /* File descriptor to be able to control firewall. + * Opened by PacketAliasSetMode on first setting + * the PKT_ALIAS_PUNCH_FW flag. */ + int fireWallFD; + /* The first firewall entry free for our use */ + int fireWallBaseNum; + /* How many entries can we use? */ + int fireWallNumNums; + /* Which entry did we last use? */ + int fireWallActiveNum; + /* bool array for entries */ + char *fireWallField; #endif - - unsigned int skinnyPort; /* TCP port used by the Skinny */ - /* protocol. */ + /* TCP port used by the Skinny protocol. */ + unsigned int skinnyPort; struct proxy_entry *proxyList; @@ -173,25 +156,17 @@ /* counts associations that have progressed to UP and not yet removed */ int sctpLinkCount; -#ifdef _KERNEL +#ifdef _KERNEL /* timing queue for keeping track of association timeouts */ struct sctp_nat_timer sctpNatTimer; - /* size of hash table used in this instance */ u_int sctpNatTableSize; - -/* - * local look up table sorted by l_vtag/l_port - */ + /* local look up table sorted by l_vtag/l_port */ LIST_HEAD(sctpNatTableL, sctp_nat_assoc) *sctpTableLocal; -/* - * global look up table sorted by g_vtag/g_port - */ + /* global look up table sorted by g_vtag/g_port */ LIST_HEAD(sctpNatTableG, sctp_nat_assoc) *sctpTableGlobal; - /* - * avoid races in libalias: every public function has to use it. - */ + /* avoid races in libalias: every public function has to use it. */ struct mtx mutex; #endif }; @@ -200,7 +175,7 @@ #ifdef _KERNEL #define LIBALIAS_LOCK_INIT(l) \ - mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF) + mtx_init(&l->mutex, "per-instance libalias mutex", NULL, MTX_DEF) #define LIBALIAS_LOCK_ASSERT(l) mtx_assert(&l->mutex, MA_OWNED) #define LIBALIAS_LOCK(l) mtx_lock(&l->mutex) #define LIBALIAS_UNLOCK(l) mtx_unlock(&l->mutex) @@ -240,7 +215,7 @@ /* * SctpFunction prototypes - * + * */ void AliasSctpInit(struct libalias *la); void AliasSctpTerm(struct libalias *la); @@ -279,9 +254,9 @@ FindFragmentIn2(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, u_short _ip_id); struct alias_link * - AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); +AddFragmentPtrLink(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * - FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); +FindFragmentPtr(struct libalias *la, struct in_addr _dst_addr, u_short _ip_id); struct alias_link * FindProtoIn(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, u_char _proto); @@ -313,17 +288,17 @@ FindRtspOut(struct libalias *la, struct in_addr _src_addr, struct in_addr _dst_addr, u_short _src_port, u_short _alias_port, u_char _proto); struct in_addr - FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); +FindOriginalAddress(struct libalias *la, struct in_addr _alias_addr); +struct in_addr +FindAliasAddress(struct libalias *la, struct in_addr _original_addr); struct in_addr - FindAliasAddress(struct libalias *la, struct in_addr _original_addr); -struct in_addr FindSctpRedirectAddress(struct libalias *la, struct sctp_nat_msg *sm); /* External data access/modification */ -int -FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _alias_addr, - u_short _src_port, u_short _dst_port, u_short _port_count, - u_char _proto, u_char _align); +int FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, + struct in_addr _alias_addr, u_short _src_port, + u_short _dst_port, u_short _port_count, u_char _proto, + u_char _align); void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr); void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr); void GetFragmentPtr(struct alias_link *_lnk, void **_fptr); @@ -332,27 +307,22 @@ void SetStateOut(struct alias_link *_lnk, int _state); int GetStateIn (struct alias_link *_lnk); int GetStateOut(struct alias_link *_lnk); -struct in_addr - GetOriginalAddress(struct alias_link *_lnk); -struct in_addr - GetDestAddress(struct alias_link *_lnk); -struct in_addr - GetAliasAddress(struct alias_link *_lnk); -struct in_addr - GetDefaultAliasAddress(struct libalias *la); +struct in_addr GetOriginalAddress(struct alias_link *_lnk); +struct in_addr GetDestAddress(struct alias_link *_lnk); +struct in_addr GetAliasAddress(struct alias_link *_lnk); +struct in_addr GetDefaultAliasAddress(struct libalias *la); void SetDefaultAliasAddress(struct libalias *la, struct in_addr _alias_addr); u_short GetOriginalPort(struct alias_link *_lnk); u_short GetAliasPort(struct alias_link *_lnk); -struct in_addr - GetProxyAddress(struct alias_link *_lnk); +struct in_addr GetProxyAddress(struct alias_link *_lnk); void SetProxyAddress(struct alias_link *_lnk, struct in_addr _addr); u_short GetProxyPort(struct alias_link *_lnk); void SetProxyPort(struct alias_link *_lnk, u_short _port); void SetAckModified(struct alias_link *_lnk); int GetAckModified(struct alias_link *_lnk); int GetDeltaAckIn(u_long, struct alias_link *_lnk); -int GetDeltaSeqOut(u_long, struct alias_link *lnk); -void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, +int GetDeltaSeqOut(u_long, struct alias_link *lnk); +void AddSeq(struct alias_link *lnk, int delta, u_int ip_hl, u_short ip_len, u_long th_seq, u_int th_off); void SetExpire (struct alias_link *_lnk, int _expire); void ClearCheckNewLink(struct libalias *la); @@ -368,18 +338,18 @@ /* Housekeeping function */ void HouseKeeping(struct libalias *); -/* Tcp specific routines */ -/* lint -save -library Suppress flexelint warnings */ - /* Transparent proxy routines */ int ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr, - u_short * proxy_server_port, struct in_addr src_addr, + u_short * proxy_server_port, struct in_addr src_addr, struct in_addr dst_addr, u_short dst_port, u_char ip_p); void ProxyModify(struct libalias *la, struct alias_link *_lnk, struct ip *_pip, int _maxpacketsize, int _proxy_type); +/* Tcp specific routines */ +/* lint -save -library Suppress flexelint warnings */ + enum alias_tcp_state { ALIAS_TCP_STATE_NOT_CONNECTED, ALIAS_TCP_STATE_CONNECTED, diff --git a/sys/netinet/libalias/alias_mod.c b/sys/netinet/libalias/alias_mod.c --- a/sys/netinet/libalias/alias_mod.c +++ b/sys/netinet/libalias/alias_mod.c @@ -97,7 +97,6 @@ int LibAliasDetachHandlers(struct proto_handler *p) { - while (p->dir != NODIR) { TAILQ_REMOVE(&handler_chain, p, link); p++; @@ -123,7 +122,6 @@ struct proto_handler * first_handler(void) { - return (TAILQ_FIRST(&handler_chain)); } diff --git a/sys/netinet/libalias/alias_nbt.c b/sys/netinet/libalias/alias_nbt.c --- a/sys/netinet/libalias/alias_nbt.c +++ b/sys/netinet/libalias/alias_nbt.c @@ -73,20 +73,19 @@ static int AliasHandleUdpNbt(struct libalias *, struct ip *, struct alias_link *, - struct in_addr *, u_short); - + struct in_addr *, u_short); static int AliasHandleUdpNbtNS(struct libalias *, struct ip *, struct alias_link *, - struct in_addr *, u_short *, struct in_addr *, u_short *); + struct in_addr *, u_short *, struct in_addr *, u_short *); + static int fingerprint1(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->aaddr == NULL || ah->aport == NULL) return (-1); if (ntohs(*ah->dport) == NETBIOS_DGM_PORT_NUMBER - || ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER) + || ntohs(*ah->sport) == NETBIOS_DGM_PORT_NUMBER) return (0); return (-1); } @@ -94,14 +93,12 @@ static int protohandler1(struct libalias *la, struct ip *pip, struct alias_data *ah) { - return (AliasHandleUdpNbt(la, pip, ah->lnk, ah->aaddr, *ah->aport)); } static int fingerprint2(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->aaddr == NULL || ah->aport == NULL) return (-1); @@ -114,18 +111,16 @@ static int protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport, - ah->oaddr, ah->dport); + ah->oaddr, ah->dport); return (0); } static int protohandler2out(struct libalias *la, struct ip *pip, struct alias_data *ah) { - return (AliasHandleUdpNbtNS(la, pip, ah->lnk, &pip->ip_src, ah->sport, - ah->aaddr, ah->aport)); + ah->aaddr, ah->aport)); } /* Kernel module definition. */ @@ -174,14 +169,14 @@ return (error); } -#ifdef _KERNEL +#ifdef _KERNEL static #endif moduledata_t alias_mod = { "alias_nbt", mod_handler, NULL }; -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_nbt, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_nbt, 1); MODULE_DEPEND(alias_nbt, libalias, 1, 1, 1); @@ -192,8 +187,8 @@ u_short oldport; struct in_addr newaddr; u_short newport; - u_short *uh_sum; -} NBTArguments; + u_short *uh_sum; +} NBTArguments; typedef struct { unsigned char type; @@ -203,7 +198,7 @@ u_short source_port; u_short len; u_short offset; -} NbtDataHeader; +} NbtDataHeader; #define OpQuery 0 #define OpUnknown 4 @@ -213,12 +208,12 @@ #define OpRefresh 8 typedef struct { u_short nametrid; - u_short dir: 1, opcode:4, nmflags:7, rcode:4; + u_short dir:1, opcode:4, nmflags:7, rcode:4; u_short qdcount; u_short ancount; u_short nscount; u_short arcount; -} NbtNSHeader; +} NbtNSHeader; #define FMT_ERR 0x1 #define SRV_ERR 0x2 @@ -231,9 +226,8 @@ static void PrintRcode(u_char rcode) { - switch (rcode) { - case FMT_ERR: + case FMT_ERR: printf("\nFormat Error."); case SRV_ERR: printf("\nSever failure."); @@ -253,10 +247,9 @@ #endif /* Handling Name field */ -static u_char * -AliasHandleName(u_char * p, char *pmax) +static u_char * +AliasHandleName(u_char *p, char *pmax) { - u_char *s; u_char c; int compress; @@ -270,7 +263,7 @@ p = p + 2; if ((char *)p > pmax) return (NULL); - return ((u_char *) p); + return ((u_char *)p); } while ((*p & 0x3f) != 0x00) { s = p + 1; @@ -280,7 +273,7 @@ compress = 0; /* Get next length field */ - p = (u_char *) (p + (*p & 0x3f) + 1); + p = (u_char *)(p + (*p & 0x3f) + 1); if ((char *)p > pmax) { p = NULL; break; @@ -316,7 +309,7 @@ p = NULL; else p++; - return ((u_char *) p); + return ((u_char *)p); } /* @@ -325,19 +318,18 @@ #define DGM_DIRECT_UNIQ 0x10 #define DGM_DIRECT_GROUP 0x11 #define DGM_BROADCAST 0x12 -#define DGM_ERROR 0x13 -#define DGM_QUERY 0x14 +#define DGM_ERROR 0x13 +#define DGM_QUERY 0x14 #define DGM_POSITIVE_RES 0x15 #define DGM_NEGATIVE_RES 0x16 static int AliasHandleUdpNbt( - struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ struct alias_link *lnk, - struct in_addr *alias_address, - u_short alias_port -) + struct in_addr *alias_address, + u_short alias_port) { struct udphdr *uh; NbtDataHeader *ndh; @@ -364,17 +356,17 @@ case DGM_DIRECT_UNIQ: case DGM_DIRECT_GROUP: case DGM_BROADCAST: - p = (u_char *) ndh + 14; + p = (u_char *)ndh + 14; p = AliasHandleName(p, pmax); /* Source Name */ p = AliasHandleName(p, pmax); /* Destination Name */ break; case DGM_ERROR: - p = (u_char *) ndh + 11; + p = (u_char *)ndh + 11; break; case DGM_QUERY: case DGM_POSITIVE_RES: case DGM_NEGATIVE_RES: - p = (u_char *) ndh + 10; + p = (u_char *)ndh + 10; p = AliasHandleName(p, pmax); /* Destination Name */ break; } @@ -391,10 +383,10 @@ acc = ndh->source_port; acc -= alias_port; - sptr = (u_short *) & (ndh->source_ip); + sptr = (u_short *)&(ndh->source_ip); acc += *sptr++; acc += *sptr; - sptr = (u_short *) alias_address; + sptr = (u_short *)alias_address; acc -= *sptr++; acc -= *sptr; ADJUST_CHECKSUM(acc, uh->uh_sum); @@ -410,27 +402,26 @@ } /* Question Section */ -#define QS_TYPE_NB 0x0020 +#define QS_TYPE_NB 0x0020 #define QS_TYPE_NBSTAT 0x0021 -#define QS_CLAS_IN 0x0001 +#define QS_CLAS_IN 0x0001 typedef struct { u_short type; /* The type of Request */ u_short class; /* The class of Request */ -} NBTNsQuestion; +} NBTNsQuestion; -static u_char * +static u_char * AliasHandleQuestion( u_short count, NBTNsQuestion * q, char *pmax, NBTArguments * nbtarg) { - (void)nbtarg; while (count != 0) { /* Name Filed */ - q = (NBTNsQuestion *) AliasHandleName((u_char *) q, pmax); + q = (NBTNsQuestion *)AliasHandleName((u_char *)q, pmax); if (q == NULL || (char *)(q + 1) > pmax) { q = NULL; @@ -452,35 +443,35 @@ } /* Set up to out of Question Section */ - return ((u_char *) q); + return ((u_char *)q); } /* Resource Record */ -#define RR_TYPE_A 0x0001 -#define RR_TYPE_NS 0x0002 +#define RR_TYPE_A 0x0001 +#define RR_TYPE_NS 0x0002 #define RR_TYPE_NULL 0x000a -#define RR_TYPE_NB 0x0020 +#define RR_TYPE_NB 0x0020 #define RR_TYPE_NBSTAT 0x0021 -#define RR_CLAS_IN 0x0001 +#define RR_CLAS_IN 0x0001 #define SizeOfNsResource 8 typedef struct { u_short type; u_short class; unsigned int ttl; u_short rdlen; -} NBTNsResource; +} NBTNsResource; -#define SizeOfNsRNB 6 +#define SizeOfNsRNB 6 typedef struct { - u_short g: 1 , ont:2, resv:13; + u_short g:1, ont:2, resv:13; struct in_addr addr; -} NBTNsRNB; +} NBTNsRNB; -static u_char * +static u_char * AliasHandleResourceNB( - NBTNsResource * q, - char *pmax, - NBTArguments * nbtarg) + NBTNsResource *q, + char *pmax, + NBTArguments *nbtarg) { NBTNsRNB *nb; u_short bcount; @@ -495,7 +486,7 @@ bcount = ntohs(q->rdlen); /* Forward to Resource NB position */ - nb = (NBTNsRNB *) ((u_char *) q + SizeOfNsResource); + nb = (NBTNsRNB *)((u_char *)q + SizeOfNsResource); /* Processing all in_addr array */ #ifdef LIBALIAS_DEBUG @@ -517,10 +508,10 @@ int acc; u_short *sptr; - sptr = (u_short *) & (nb->addr); + sptr = (u_short *)&(nb->addr); acc = *sptr++; acc += *sptr; - sptr = (u_short *) & (nbtarg->newaddr); + sptr = (u_short *)&(nbtarg->newaddr); acc -= *sptr++; acc -= *sptr; ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); @@ -535,25 +526,25 @@ printf("."); } #endif - nb = (NBTNsRNB *) ((u_char *) nb + SizeOfNsRNB); + nb = (NBTNsRNB *)((u_char *)nb + SizeOfNsRNB); bcount -= SizeOfNsRNB; } if (nb == NULL || (char *)(nb + 1) > pmax) { nb = NULL; } - return ((u_char *) nb); + return ((u_char *)nb); } #define SizeOfResourceA 6 typedef struct { struct in_addr addr; -} NBTNsResourceA; +} NBTNsResourceA; -static u_char * +static u_char * AliasHandleResourceA( - NBTNsResource * q, - char *pmax, - NBTArguments * nbtarg) + NBTNsResource *q, + char *pmax, + NBTArguments *nbtarg) { NBTNsResourceA *a; u_short bcount; @@ -566,7 +557,7 @@ return (NULL); /* Forward to Resource A position */ - a = (NBTNsResourceA *) ((u_char *) q + sizeof(NBTNsResource)); + a = (NBTNsResourceA *)((u_char *)q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); @@ -588,10 +579,10 @@ int acc; u_short *sptr; - sptr = (u_short *) & (a->addr); /* Old */ + sptr = (u_short *)&(a->addr); /* Old */ acc = *sptr++; acc += *sptr; - sptr = (u_short *) & nbtarg->newaddr; /* New */ + sptr = (u_short *)&nbtarg->newaddr; /* New */ acc -= *sptr++; acc -= *sptr; ADJUST_CHECKSUM(acc, *nbtarg->uh_sum); @@ -603,18 +594,18 @@ } if (a == NULL || (char *)(a + 1) > pmax) a = NULL; - return ((u_char *) a); + return ((u_char *)a); } typedef struct { u_short opcode:4, flags:8, resv:4; -} NBTNsResourceNULL; +} NBTNsResourceNULL; -static u_char * +static u_char * AliasHandleResourceNULL( - NBTNsResource * q, - char *pmax, - NBTArguments * nbtarg) + NBTNsResource *q, + char *pmax, + NBTArguments *nbtarg) { NBTNsResourceNULL *n; u_short bcount; @@ -625,7 +616,7 @@ return (NULL); /* Forward to Resource NULL position */ - n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource)); + n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); @@ -642,14 +633,14 @@ if ((char *)(n + 1) > pmax) n = NULL; - return ((u_char *) n); + return ((u_char *)n); } -static u_char * +static u_char * AliasHandleResourceNS( - NBTNsResource * q, - char *pmax, - NBTArguments * nbtarg) + NBTNsResource *q, + char *pmax, + NBTArguments *nbtarg) { NBTNsResourceNULL *n; u_short bcount; @@ -660,29 +651,29 @@ return (NULL); /* Forward to Resource NULL position */ - n = (NBTNsResourceNULL *) ((u_char *) q + sizeof(NBTNsResource)); + n = (NBTNsResourceNULL *)((u_char *)q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); /* Resource Record Name Filed */ - q = (NBTNsResource *) AliasHandleName((u_char *) n, pmax); /* XXX */ + q = (NBTNsResource *)AliasHandleName((u_char *)n, pmax); /* XXX */ - if (q == NULL || (char *)((u_char *) n + bcount) > pmax) + if (q == NULL || (char *)((u_char *)n + bcount) > pmax) return (NULL); else - return ((u_char *) n + bcount); + return ((u_char *)n + bcount); } typedef struct { u_short numnames; -} NBTNsResourceNBSTAT; +} NBTNsResourceNBSTAT; -static u_char * +static u_char * AliasHandleResourceNBSTAT( - NBTNsResource * q, - char *pmax, - NBTArguments * nbtarg) + NBTNsResource *q, + char *pmax, + NBTArguments *nbtarg) { NBTNsResourceNBSTAT *n; u_short bcount; @@ -693,28 +684,27 @@ return (NULL); /* Forward to Resource NBSTAT position */ - n = (NBTNsResourceNBSTAT *) ((u_char *) q + sizeof(NBTNsResource)); + n = (NBTNsResourceNBSTAT *)((u_char *)q + sizeof(NBTNsResource)); /* Check out of length */ bcount = ntohs(q->rdlen); - if (q == NULL || (char *)((u_char *) n + bcount) > pmax) + if (q == NULL || (char *)((u_char *)n + bcount) > pmax) return (NULL); else - return ((u_char *) n + bcount); + return ((u_char *)n + bcount); } -static u_char * +static u_char * AliasHandleResource( - u_short count, - NBTNsResource * q, - char *pmax, - NBTArguments - * nbtarg) + u_short count, + NBTNsResource *q, + char *pmax, + NBTArguments *nbtarg) { while (count != 0) { /* Resource Record Name Filed */ - q = (NBTNsResource *) AliasHandleName((u_char *) q, pmax); + q = (NBTNsResource *)AliasHandleName((u_char *)q, pmax); if (q == NULL || (char *)(q + 1) > pmax) break; @@ -725,39 +715,24 @@ /* Type and Class filed */ switch (ntohs(q->type)) { case RR_TYPE_NB: - q = (NBTNsResource *) AliasHandleResourceNB( - q, - pmax, - nbtarg - ); + q = (NBTNsResource *)AliasHandleResourceNB( + q, pmax, nbtarg); break; case RR_TYPE_A: - q = (NBTNsResource *) AliasHandleResourceA( - q, - pmax, - nbtarg - ); + q = (NBTNsResource *)AliasHandleResourceA( + q, pmax, nbtarg); break; case RR_TYPE_NS: - q = (NBTNsResource *) AliasHandleResourceNS( - q, - pmax, - nbtarg - ); + q = (NBTNsResource *)AliasHandleResourceNS( + q, pmax, nbtarg); break; case RR_TYPE_NULL: - q = (NBTNsResource *) AliasHandleResourceNULL( - q, - pmax, - nbtarg - ); + q = (NBTNsResource *)AliasHandleResourceNULL( + q, pmax, nbtarg); break; case RR_TYPE_NBSTAT: - q = (NBTNsResource *) AliasHandleResourceNBSTAT( - q, - pmax, - nbtarg - ); + q = (NBTNsResource *)AliasHandleResourceNBSTAT( + q, pmax, nbtarg); break; default: #ifdef LIBALIAS_DEBUG @@ -771,18 +746,18 @@ } count--; } - return ((u_char *) q); + return ((u_char *)q); } static int AliasHandleUdpNbtNS( - struct libalias *la, - struct ip *pip, /* IP packet to examine/patch */ + struct libalias *la, + struct ip *pip, /* IP packet to examine/patch */ struct alias_link *lnk, - struct in_addr *alias_address, - u_short * alias_port, - struct in_addr *original_address, - u_short * original_port) + struct in_addr *alias_address, + u_short *alias_port, + struct in_addr *original_address, + u_short *original_port) { struct udphdr *uh; NbtNSHeader *nsh; @@ -803,7 +778,7 @@ uh = (struct udphdr *)ip_next(pip); nbtarg.uh_sum = &(uh->uh_sum); nsh = (NbtNSHeader *)udp_next(uh); - p = (u_char *) (nsh + 1); + p = (u_char *)(nsh + 1); pmax = (char *)uh + ntohs(uh->uh_ulen); if ((char *)(nsh + 1) > pmax) @@ -821,7 +796,7 @@ ntohs(nsh->ancount), ntohs(nsh->nscount), ntohs(nsh->arcount), - (u_char *) p - (u_char *) nsh + (u_char *)p - (u_char *)nsh ); #endif @@ -829,7 +804,7 @@ if (ntohs(nsh->qdcount) != 0) { p = AliasHandleQuestion( ntohs(nsh->qdcount), - (NBTNsQuestion *) p, + (NBTNsQuestion *)p, pmax, &nbtarg ); @@ -838,7 +813,7 @@ if (ntohs(nsh->ancount) != 0) { p = AliasHandleResource( ntohs(nsh->ancount), - (NBTNsResource *) p, + (NBTNsResource *)p, pmax, &nbtarg ); @@ -847,7 +822,7 @@ if (ntohs(nsh->nscount) != 0) { p = AliasHandleResource( ntohs(nsh->nscount), - (NBTNsResource *) p, + (NBTNsResource *)p, pmax, &nbtarg ); @@ -856,7 +831,7 @@ if (ntohs(nsh->arcount) != 0) { p = AliasHandleResource( ntohs(nsh->arcount), - (NBTNsResource *) p, + (NBTNsResource *)p, pmax, &nbtarg ); diff --git a/sys/netinet/libalias/alias_pptp.c b/sys/netinet/libalias/alias_pptp.c --- a/sys/netinet/libalias/alias_pptp.c +++ b/sys/netinet/libalias/alias_pptp.c @@ -81,7 +81,6 @@ static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL) return (-1); if (ntohs(*ah->dport) == PPTP_CONTROL_PORT_NUMBER @@ -93,14 +92,12 @@ static int fingerprintgre(struct libalias *la, struct alias_data *ah) { - return (0); } static int protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandlePptpIn(la, pip, ah->lnk); return (0); } @@ -108,7 +105,6 @@ static int protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah) { - AliasHandlePptpOut(la, pip, ah->lnk); return (0); } @@ -116,7 +112,6 @@ static int protohandlergrein(struct libalias *la, struct ip *pip, struct alias_data *ah) { - if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY || AliasHandlePptpGreIn(la, pip) == 0) return (0); @@ -126,7 +121,6 @@ static int protohandlergreout(struct libalias *la, struct ip *pip, struct alias_data *ah) { - if (AliasHandlePptpGreOut(la, pip) == 0) return (0); return (-1); @@ -196,7 +190,7 @@ "alias_pptp", mod_handler, NULL }; -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_pptp, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_pptp, 1); MODULE_DEPEND(alias_pptp, libalias, 1, 1, 1); @@ -225,14 +219,13 @@ Reference: RFC 2637 Initial version: May, 2000 (eds) - */ /* * PPTP definitions */ -struct grehdr { /* Enhanced GRE header. */ +struct grehdr { /* Enhanced GRE header. */ u_int16_t gh_flags; /* Flags. */ u_int16_t gh_protocol; /* Protocol type. */ u_int16_t gh_length; /* Payload length. */ @@ -271,7 +264,7 @@ PPTP_SetLinkInfo = 15 }; - /* Message structures */ +/* Message structures */ struct pptpMsgHead { u_int16_t length; /* total length */ u_int16_t msgType;/* PPTP message type */ @@ -298,8 +291,8 @@ static void AliasHandlePptpOut(struct libalias *la, struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *lnk) -{ /* The PPTP control link */ + struct alias_link *lnk) /* The PPTP control link */ +{ struct alias_link *pptp_lnk; PptpCallId cptr; PptpCode codes; @@ -330,8 +323,7 @@ * message. */ pptp_lnk = FindPptpOutByCallId(la, GetOriginalAddress(lnk), - GetDestAddress(lnk), - cptr->cid1); + GetDestAddress(lnk), cptr->cid1); break; default: return; @@ -351,16 +343,17 @@ switch (ctl_type) { case PPTP_OutCallReply: case PPTP_InCallReply: - codes = (PptpCode) (cptr + 1); - if (codes->resCode == 1) /* Connection - * established, */ - SetDestCallId(pptp_lnk, /* note the Peer's Call - * ID. */ - cptr->cid2); + codes = (PptpCode)(cptr + 1); + if (codes->resCode == 1) + /* Connection established, + * note the Peer's Call ID. */ + SetDestCallId(pptp_lnk, cptr->cid2); else - SetExpire(pptp_lnk, 0); /* Connection refused. */ + /* Connection refused. */ + SetExpire(pptp_lnk, 0); break; - case PPTP_CallDiscNotify: /* Connection closed. */ + case PPTP_CallDiscNotify: + /* Connection closed. */ SetExpire(pptp_lnk, 0); break; } @@ -370,8 +363,8 @@ static void AliasHandlePptpIn(struct libalias *la, struct ip *pip, /* IP packet to examine/patch */ - struct alias_link *lnk) -{ /* The PPTP control link */ + struct alias_link *lnk) /* The PPTP control link */ +{ struct alias_link *pptp_lnk; PptpCallId cptr; u_int16_t *pcall_id; @@ -393,10 +386,10 @@ case PPTP_InCallReply: pcall_id = &cptr->cid2; break; - case PPTP_CallDiscNotify: /* Connection closed. */ + case PPTP_CallDiscNotify: + /* Connection closed. */ pptp_lnk = FindPptpInByCallId(la, GetDestAddress(lnk), - GetAliasAddress(lnk), - cptr->cid1); + GetAliasAddress(lnk), cptr->cid1); if (pptp_lnk != NULL) SetExpire(pptp_lnk, 0); return; @@ -406,8 +399,7 @@ /* Find PPTP link for address and Call ID found in PPTP Control Msg */ pptp_lnk = FindPptpInByPeerCallId(la, GetDestAddress(lnk), - GetAliasAddress(lnk), - *pcall_id); + GetAliasAddress(lnk), *pcall_id); if (pptp_lnk != NULL) { int accumulate = *pcall_id; @@ -420,22 +412,24 @@ accumulate -= *pcall_id; ADJUST_CHECKSUM(accumulate, tc->th_sum); - if (ctl_type == PPTP_OutCallReply || ctl_type == PPTP_InCallReply) { - PptpCode codes = (PptpCode) (cptr + 1); + if (ctl_type == PPTP_OutCallReply || + ctl_type == PPTP_InCallReply) { + PptpCode codes = (PptpCode)(cptr + 1); - if (codes->resCode == 1) /* Connection - * established, */ - SetDestCallId(pptp_lnk, /* note the Call ID. */ - cptr->cid1); + if (codes->resCode == 1) + /* Connection established, + * note the Call ID. */ + SetDestCallId(pptp_lnk, cptr->cid1); else - SetExpire(pptp_lnk, 0); /* Connection refused. */ + /* Connection refused. */ + SetExpire(pptp_lnk, 0); } } } -static PptpCallId -AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) -{ /* IP packet to examine/patch */ +static PptpCallId +AliasVerifyPptp(struct ip *pip, u_int16_t * ptype) /* IP packet to examine/patch */ +{ int hlen, tlen, dlen; PptpMsgHead hptr; struct tcphdr *tc; @@ -451,7 +445,7 @@ return (NULL); /* Move up to PPTP message header */ - hptr = (PptpMsgHead) tcp_next(tc); + hptr = (PptpMsgHead)tcp_next(tc); /* Return the control message type */ *ptype = ntohs(hptr->type); @@ -467,7 +461,7 @@ sizeof(struct pptpCodes)))) return (NULL); else - return (PptpCallId) (hptr + 1); + return ((PptpCallId)(hptr + 1)); } static int @@ -476,10 +470,10 @@ GreHdr *gr; struct alias_link *lnk; - gr = (GreHdr *) ip_next(pip); + gr = (GreHdr *)ip_next(pip); /* Check GRE header bits. */ - if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) + if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) return (-1); lnk = FindPptpOutByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); @@ -500,10 +494,10 @@ GreHdr *gr; struct alias_link *lnk; - gr = (GreHdr *) ip_next(pip); + gr = (GreHdr *)ip_next(pip); /* Check GRE header bits. */ - if ((ntohl(*((u_int32_t *) gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) + if ((ntohl(*((u_int32_t *)gr)) & PPTP_INIT_MASK) != PPTP_INIT_VALUE) return (-1); lnk = FindPptpInByPeerCallId(la, pip->ip_src, pip->ip_dst, gr->gh_call_id); diff --git a/sys/netinet/libalias/alias_proxy.c b/sys/netinet/libalias/alias_proxy.c --- a/sys/netinet/libalias/alias_proxy.c +++ b/sys/netinet/libalias/alias_proxy.c @@ -76,6 +76,7 @@ #include #else #include + #include "alias.h" /* Public API functions for libalias */ #include "alias_local.h" /* Functions used by alias*.c */ #endif @@ -189,7 +190,7 @@ if (se == NULL) return (-1); - *port = (u_int) ntohs(se->s_port); + *port = (u_int)ntohs(se->s_port); } #else return (-1); @@ -292,20 +293,19 @@ struct tcphdr *tc; char addrbuf[INET_ADDRSTRLEN]; -/* Compute pointer to tcp header */ + /* Compute pointer to tcp header */ tc = (struct tcphdr *)ip_next(pip); -/* Don't modify if once already modified */ - + /* Don't modify if once already modified */ if (GetAckModified(lnk)) return; -/* Translate destination address and port to string form */ + /* Translate destination address and port to string form */ snprintf(buffer, sizeof(buffer) - 2, "[DEST %s %d]", inet_ntoa_r(GetProxyAddress(lnk), INET_NTOA_BUF(addrbuf)), - (u_int) ntohs(GetProxyPort(lnk))); + (u_int)ntohs(GetProxyPort(lnk))); -/* Pad string out to a multiple of two in length */ + /* Pad string out to a multiple of two in length */ slen = strlen(buffer); switch (slen % 2) { case 0: @@ -317,11 +317,11 @@ slen += 1; } -/* Check for packet overflow */ + /* Check for packet overflow */ if ((int)(ntohs(pip->ip_len) + strlen(buffer)) > maxpacketsize) return; -/* Shift existing TCP data and insert destination string */ + /* Shift existing TCP data and insert destination string */ { int dlen; int hlen; @@ -330,8 +330,7 @@ hlen = (pip->ip_hl + tc->th_off) << 2; dlen = ntohs(pip->ip_len) - hlen; -/* Modify first packet that has data in it */ - + /* Modify first packet that has data in it */ if (dlen == 0) return; @@ -342,18 +341,18 @@ memcpy(p, buffer, slen); } -/* Save information about modfied sequence number */ + /* Save information about modfied sequence number */ { int delta; SetAckModified(lnk); - tc = (struct tcphdr *)ip_next(pip); + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); AddSeq(lnk, delta + slen, pip->ip_hl, pip->ip_len, tc->th_seq, tc->th_off); } -/* Update IP header packet length and checksum */ + /* Update IP header packet length and checksum */ { int accumulate; @@ -364,8 +363,8 @@ ADJUST_CHECKSUM(accumulate, pip->ip_sum); } -/* Update TCP checksum, Use TcpChecksum since so many things have - already changed. */ + /* Update TCP checksum, Use TcpChecksum since so many things have + already changed. */ tc->th_sum = 0; #ifdef _KERNEL @@ -376,8 +375,7 @@ } static void -ProxyEncodeIpHeader(struct ip *pip, - int maxpacketsize) +ProxyEncodeIpHeader(struct ip *pip, int maxpacketsize) { #define OPTION_LEN_BYTES 8 #define OPTION_LEN_INT16 4 @@ -385,17 +383,17 @@ _Alignas(_Alignof(u_short)) u_char option[OPTION_LEN_BYTES]; #ifdef LIBALIAS_DEBUG - fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip)); - fprintf(stdout, "tcp cksum 1 = %x\n", (u_int) TcpChecksum(pip)); + fprintf(stdout, " ip cksum 1 = %x\n", (u_int)IpChecksum(pip)); + fprintf(stdout, "tcp cksum 1 = %x\n", (u_int)TcpChecksum(pip)); #endif (void)maxpacketsize; -/* Check to see that there is room to add an IP option */ + /* Check to see that there is room to add an IP option */ if (pip->ip_hl > (0x0f - OPTION_LEN_INT32)) return; -/* Build option and copy into packet */ + /* Build option and copy into packet */ { u_char *ptr; struct tcphdr *tc; @@ -407,15 +405,15 @@ option[0] = 0x64; /* class: 3 (reserved), option 4 */ option[1] = OPTION_LEN_BYTES; - memcpy(&option[2], (u_char *) & pip->ip_dst, 4); + memcpy(&option[2], (u_char *)&pip->ip_dst, 4); tc = (struct tcphdr *)ip_next(pip); - memcpy(&option[6], (u_char *) & tc->th_sport, 2); + memcpy(&option[6], (u_char *)&tc->th_sport, 2); memcpy(ptr, option, 8); } -/* Update checksum, header length and packet length */ + /* Update checksum, header length and packet length */ { int i; int accumulate; @@ -441,8 +439,8 @@ #undef OPTION_LEN_INT16 #undef OPTION_LEN_INT32 #ifdef LIBALIAS_DEBUG - fprintf(stdout, " ip cksum 2 = %x\n", (u_int) IpChecksum(pip)); - fprintf(stdout, "tcp cksum 2 = %x\n", (u_int) TcpChecksum(pip)); + fprintf(stdout, " ip cksum 2 = %x\n", (u_int)IpChecksum(pip)); + fprintf(stdout, "tcp cksum 2 = %x\n", (u_int)TcpChecksum(pip)); #endif } @@ -457,7 +455,7 @@ int ProxyCheck(struct libalias *la, struct in_addr *proxy_server_addr, - u_short * proxy_server_port, struct in_addr src_addr, + u_short * proxy_server_port, struct in_addr src_addr, struct in_addr dst_addr, u_short dst_port, u_char ip_p) { struct proxy_entry *ptr; @@ -498,12 +496,11 @@ int maxpacketsize, int proxy_type) { - LIBALIAS_LOCK_ASSERT(la); (void)la; switch (proxy_type) { - case PROXY_TYPE_ENCODE_IPHDR: + case PROXY_TYPE_ENCODE_IPHDR: ProxyEncodeIpHeader(pip, maxpacketsize); break; @@ -517,9 +514,6 @@ Public API functions */ -int -LibAliasProxyRule(struct libalias *la, const char *cmd) -{ /* * This function takes command strings of the form: * @@ -541,6 +535,9 @@ * then 0 is used, and group 0 rules are always checked before any * others. */ +int +LibAliasProxyRule(struct libalias *la, const char *cmd) +{ int i, n, len, ret; int cmd_len; int token_count; @@ -563,7 +560,8 @@ LIBALIAS_LOCK(la); ret = 0; -/* Copy command line into a buffer */ + + /* Copy command line into a buffer */ cmd += strspn(cmd, " \t"); cmd_len = strlen(cmd); if (cmd_len > (int)(sizeof(buffer) - 1)) { @@ -572,14 +570,14 @@ } strcpy(buffer, cmd); -/* Convert to lower case */ + /* Convert to lower case */ len = strlen(buffer); for (i = 0; i < len; i++) buffer[i] = tolower((unsigned char)buffer[i]); -/* Set default proxy type */ + /* Set default proxy type */ -/* Set up default values */ + /* Set up default values */ rule_index = 0; proxy_type = PROXY_TYPE_ENCODE_NONE; proto = IPPROTO_TCP; @@ -594,7 +592,7 @@ str_port[0] = 0; str_server_port[0] = 0; -/* Parse command string with state machine */ + /* Parse command string with state machine */ #define STATE_READ_KEYWORD 0 #define STATE_READ_TYPE 1 #define STATE_READ_PORT 2 @@ -652,41 +650,40 @@ state = STATE_READ_KEYWORD; break; - case STATE_READ_SERVER: - { - int err; - char *p; - char s[sizeof(buffer)]; + case STATE_READ_SERVER: { + int err; + char *p; + char s[sizeof(buffer)]; + + p = token; + while (*p != ':' && *p != 0) + p++; - p = token; - while (*p != ':' && *p != 0) - p++; - - if (*p != ':') { - err = IpAddr(token, &server_addr); - if (err) { - ret = -1; - goto getout; - } - } else { - *p = ' '; - - n = sscanf(token, "%s %s", s, str_server_port); - if (n != 2) { - ret = -1; - goto getout; - } - - err = IpAddr(s, &server_addr); - if (err) { - ret = -1; - goto getout; - } + if (*p != ':') { + err = IpAddr(token, &server_addr); + if (err) { + ret = -1; + goto getout; + } + } else { + *p = ' '; + + n = sscanf(token, "%s %s", s, str_server_port); + if (n != 2) { + ret = -1; + goto getout; + } + + err = IpAddr(s, &server_addr); + if (err) { + ret = -1; + goto getout; } } + state = STATE_READ_KEYWORD; break; - + } case STATE_READ_RULE: n = sscanf(token, "%d", &rule_index); if (n != 1 || rule_index < 0) { @@ -696,28 +693,27 @@ state = STATE_READ_KEYWORD; break; - case STATE_READ_DELETE: - { - int err; - int rule_to_delete; + case STATE_READ_DELETE: { + int err; + int rule_to_delete; - if (token_count != 2) { - ret = -1; - goto getout; - } + if (token_count != 2) { + ret = -1; + goto getout; + } - n = sscanf(token, "%d", &rule_to_delete); - if (n != 1) { - ret = -1; - goto getout; - } - err = RuleNumberDelete(la, rule_to_delete); - if (err) - ret = -1; - else - ret = 0; + n = sscanf(token, "%d", &rule_to_delete); + if (n != 1) { + ret = -1; goto getout; } + err = RuleNumberDelete(la, rule_to_delete); + if (err) + ret = -1; + else + ret = 0; + goto getout; + } case STATE_READ_PROTO: if (strcmp(token, "tcp") == 0) @@ -732,58 +728,58 @@ break; case STATE_READ_SRC: - case STATE_READ_DST: - { - int err; - char *p; - struct in_addr mask; - struct in_addr addr; - - p = token; - while (*p != '/' && *p != 0) - p++; - - if (*p != '/') { - IpMask(32, &mask); - err = IpAddr(token, &addr); - if (err) { - ret = -1; - goto getout; - } - } else { - int nbits; - char s[sizeof(buffer)]; - - *p = ' '; - n = sscanf(token, "%s %d", s, &nbits); - if (n != 2) { - ret = -1; - goto getout; - } - - err = IpAddr(s, &addr); - if (err) { - ret = -1; - goto getout; - } - - err = IpMask(nbits, &mask); - if (err) { - ret = -1; - goto getout; - } + case STATE_READ_DST: { + int err; + char *p; + struct in_addr mask; + struct in_addr addr; + + p = token; + while (*p != '/' && *p != 0) + p++; + + if (*p != '/') { + IpMask(32, &mask); + err = IpAddr(token, &addr); + if (err) { + ret = -1; + goto getout; } + } else { + int nbits; + char s[sizeof(buffer)]; - if (state == STATE_READ_SRC) { - src_addr = addr; - src_mask = mask; - } else { - dst_addr = addr; - dst_mask = mask; + *p = ' '; + n = sscanf(token, "%s %d", s, &nbits); + if (n != 2) { + ret = -1; + goto getout; + } + + err = IpAddr(s, &addr); + if (err) { + ret = -1; + goto getout; + } + + err = IpMask(nbits, &mask); + if (err) { + ret = -1; + goto getout; } } + + if (state == STATE_READ_SRC) { + src_addr = addr; + src_mask = mask; + } else { + dst_addr = addr; + dst_mask = mask; + } + state = STATE_READ_KEYWORD; break; + } default: ret = -1; @@ -805,9 +801,10 @@ #undef STATE_READ_SRC #undef STATE_READ_DST -/* Convert port strings to numbers. This needs to be done after - the string is parsed, because the prototype might not be designated - before the ports (which might be symbolic entries in /etc/services) */ + /* Convert port strings to numbers. + This needs to be done after the string is parsed, because + the prototype might not be designated before the ports + (which might be symbolic entries in /etc/services) */ if (strlen(str_port) != 0) { int err; @@ -833,13 +830,13 @@ server_port = 0; } -/* Check that at least the server address has been defined */ + /* Check that at least the server address has been defined */ if (server_addr.s_addr == 0) { ret = -1; goto getout; } -/* Add to linked list */ + /* Add to linked list */ proxy_entry = malloc(sizeof(struct proxy_entry)); if (proxy_entry == NULL) { ret = -1; diff --git a/sys/netinet/libalias/alias_sctp.h b/sys/netinet/libalias/alias_sctp.h --- a/sys/netinet/libalias/alias_sctp.h +++ b/sys/netinet/libalias/alias_sctp.h @@ -27,7 +27,7 @@ */ /* - * Alias_sctp forms part of the libalias kernel module to handle + * Alias_sctp forms part of the libalias kernel module to handle * Network Address Translation (NAT) for the SCTP protocol. * * This software was developed by David A. Hayes @@ -40,7 +40,7 @@ * proposed by Jason But and Grenville Armitage: * http://caia.swin.edu.au/urp/sonata/ * - * + * * This project has been made possible in part by a grant from * the Cisco University Research Program Fund at Community * Foundation Silicon Valley. @@ -53,7 +53,7 @@ #define _ALIAS_SCTP_H_ #include -#ifdef _KERNEL +#ifdef _KERNEL #include #include #include @@ -61,7 +61,7 @@ #include #include #include -#endif // #ifdef _KERNEL +#endif // #ifdef _KERNEL #include #include @@ -75,7 +75,7 @@ /** * These are defined in sctp_os_bsd.h, but it can't be included due to its local file * inclusion, so I'm defining them here. - * + * */ #include /* The packed define for 64 bit platforms */ @@ -128,18 +128,18 @@ uint16_t l_port; /**< local side port number */ uint32_t g_vtag; /**< global side verification tag */ uint16_t g_port; /**< global side port number */ - struct in_addr l_addr; /**< local ip address */ - struct in_addr a_addr; /**< alias ip address */ + struct in_addr l_addr; /**< local ip address */ + struct in_addr a_addr; /**< alias ip address */ int state; /**< current state of NAT association */ int TableRegister; /**< stores which look up tables association is registered in */ int exp; /**< timer expiration in seconds from uptime */ int exp_loc; /**< current location in timer_Q */ - int num_Gaddr; /**< number of global IP addresses in the list */ + int num_Gaddr; /**< number of global IP addresses in the list */ LIST_HEAD(sctpGlobalAddresshead,sctp_GlobalAddress) Gaddr; /**< List of global addresses */ LIST_ENTRY (sctp_nat_assoc) list_L; /**< Linked list of pointers for Local table*/ LIST_ENTRY (sctp_nat_assoc) list_G; /**< Linked list of pointers for Global table */ LIST_ENTRY (sctp_nat_assoc) timer_Q; /**< Linked list of pointers for timer Q */ -//Using libalias locking + //Using libalias locking }; struct sctp_GlobalAddress { @@ -153,14 +153,14 @@ * The only chunks whose contents are of any interest are the INIT and ASCONF_AddIP */ union sctpChunkOfInt { - struct sctp_init *Init; /**< Pointer to Init Chunk */ + struct sctp_init *Init; /**< Pointer to Init Chunk */ struct sctp_init_ack *InitAck; /**< Pointer to Init Chunk */ - struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */ + struct sctp_paramhdr *Asconf; /**< Pointer to ASCONF chunk */ }; /** * @brief SCTP message - * + * * Structure containing the relevant information from the SCTP message */ struct sctp_nat_msg { @@ -177,7 +177,7 @@ /** * @brief sctp nat timer queue structure - * + * */ struct sctp_nat_timer { diff --git a/sys/netinet/libalias/alias_sctp.c b/sys/netinet/libalias/alias_sctp.c --- a/sys/netinet/libalias/alias_sctp.c +++ b/sys/netinet/libalias/alias_sctp.c @@ -2,7 +2,7 @@ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2008 - * Swinburne University of Technology, Melbourne, Australia. + * Swinburne University of Technology, Melbourne, Australia. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -128,15 +128,15 @@ struct sctp_nat_assoc *assoc, int sndrply, int direction); /* Hash Table Functions */ -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port); -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match); -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc); -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port); -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port); static int AddSctpAssocLocal(struct libalias *la, struct sctp_nat_assoc *assoc, struct in_addr g_addr); @@ -151,7 +151,7 @@ void sctp_CheckTimers(struct libalias *la); /* Logging Functions */ -static void logsctperror(char* errormsg, uint32_t vtag, int error, int direction); +static void logsctperror(char *errormsg, uint32_t vtag, int error, int direction); static void logsctpparse(int direction, struct sctp_nat_msg *sm); static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s); static void logTimerQ(struct libalias *la); @@ -181,7 +181,7 @@ */ void SctpShowAliasStats(struct libalias *la); -#ifdef _KERNEL +#ifdef _KERNEL static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs"); /* Use kernel allocator. */ @@ -438,7 +438,8 @@ int error; error = sysctl_handle_int(oidp, &level, 0, req); - if (error) return (error); + if (error) + return (error); level = (level > SN_LOG_DEBUG_MAX) ? (SN_LOG_DEBUG_MAX) : (level); level = (level < SN_LOG_LOW) ? (SN_LOG_LOW) : (level); @@ -459,7 +460,8 @@ int error; error = sysctl_handle_int(oidp, &timer, 0, req); - if (error) return (error); + if (error) + return (error); timer = (timer > SN_MAX_TIMER) ? (SN_MAX_TIMER) : (timer); @@ -487,7 +489,8 @@ int error; error = sysctl_handle_int(oidp, &size, 0, req); - if (error) return (error); + if (error) + return (error); size = (size < SN_MIN_HASH_SIZE) ? (SN_MIN_HASH_SIZE) : ((size > SN_MAX_HASH_SIZE) ? (SN_MAX_HASH_SIZE) : (size)); @@ -515,7 +518,8 @@ int error; error = sysctl_handle_int(oidp, &flag, 0, req); - if (error) return (error); + if (error) + return (error); sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag; @@ -534,7 +538,8 @@ int error; error = sysctl_handle_int(oidp, &flag, 0, req); - if (error) return (error); + if (error) + return (error); sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0; @@ -554,7 +559,8 @@ int error; error = sysctl_handle_int(oidp, &proclimit, 0, req); - if (error) return (error); + if (error) + return (error); sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit; sysctl_chunk_proc_limit = @@ -576,7 +582,8 @@ int error; error = sysctl_handle_int(oidp, &proclimit, 0, req); - if (error) return (error); + if (error) + return (error); sysctl_chunk_proc_limit = (proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit; @@ -597,7 +604,8 @@ int error; error = sysctl_handle_int(oidp, &proclimit, 0, req); - if (error) return (error); + if (error) + return (error); sysctl_param_proc_limit = (proclimit < 2) ? 2 : proclimit; @@ -618,7 +626,8 @@ int error; error = sysctl_handle_int(oidp, &num_to_track, 0, req); - if (error) return (error); + if (error) + return (error); sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track; @@ -637,7 +646,8 @@ * * @param la Pointer to the relevant libalias instance */ -void AliasSctpInit(struct libalias *la) +void +AliasSctpInit(struct libalias *la) { /* Initialise association tables*/ int i; @@ -677,7 +687,8 @@ * * @param la Pointer to the relevant libalias instance */ -void AliasSctpTerm(struct libalias *la) +void +AliasSctpTerm(struct libalias *la) { struct sctp_nat_assoc *assoc1, *assoc2; int i; @@ -773,7 +784,7 @@ SN_LOG(SN_LOG_DETAIL, logsctpassoc(assoc, "*"); logsctpparse(direction, &msg); - ); + ); /* Process the SCTP message */ rtnval = ProcessSctpMsg(la, direction, &msg, assoc); @@ -782,7 +793,7 @@ logsctpassoc(assoc, "-"); logSctpLocal(la); logSctpGlobal(la); - ); + ); SN_LOG(SN_LOG_DEBUG, logTimerQ(la)); switch (rtnval) { @@ -815,7 +826,7 @@ default: // big error, remove association and go to idle and write log messages SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); - assoc->state=SN_RM;/* Mark for removal*/ + assoc->state = SN_RM;/* Mark for removal*/ break; } @@ -999,12 +1010,12 @@ memcpy(sm->ip_hdr, ip, ip_size); SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n", - ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"), - ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"), - (include_error_cause ? ntohs(error_cause->code) : 0), - inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)), - ntohs(sctp_hdr->dest_port), - ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum))); + ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"), + ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"), + (include_error_cause ? ntohs(error_cause->code) : 0), + inet_ntoa_r(ip->ip_dst, INET_NTOA_BUF(addrbuf)), + ntohs(sctp_hdr->dest_port), + ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum))); } /* ---------------------------------------------------------------------- @@ -1265,7 +1276,7 @@ struct sctp_paramhdr ph;/* type=SCTP_VTAG_PARAM */ uint32_t local_vtag; uint32_t remote_vtag; - } __attribute__((packed)); + } __attribute__((packed)); struct sctp_vtag_param *vtag_param; struct sctp_paramhdr *param; @@ -1298,7 +1309,8 @@ } bytes_left -= param_size; - if (bytes_left < SN_MIN_PARAM_SIZE) return (0); + if (bytes_left < SN_MIN_PARAM_SIZE) + return (0); param = SN_SCTP_NEXTPARAM(param); param_size = SCTP_SIZE32(ntohs(param->param_length)); @@ -1455,7 +1467,8 @@ * * @return 1 - success | 0 - fail */ -static int Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr) +static int +Add_Global_Address_to_List(struct sctp_nat_assoc *assoc, struct sctp_GlobalAddress *G_addr) { struct sctp_GlobalAddress *iter_G_Addr = NULL, *first_G_Addr = NULL; first_G_Addr = LIST_FIRST(&(assoc->Gaddr)); @@ -1550,7 +1563,8 @@ } } bytes_left -= param_size; - if (bytes_left == 0) return; + if (bytes_left == 0) + return; else if (bytes_left < SN_MIN_PARAM_SIZE) { SN_LOG(SN_LOG_EVENT, logsctperror("RmGlobalIPAddress: truncated packet - may not have removed all IP addresses", @@ -1614,13 +1628,14 @@ return (1); /* success - but can't match correlation IDs - should only be one */ /* check others just in case */ bytes_left -= param_size; - if (bytes_left >= SN_MIN_PARAM_SIZE) { + if (bytes_left >= SN_MIN_PARAM_SIZE) param = SN_SCTP_NEXTPARAM(param); - } else { + else return (0); - } + param_size = SCTP_SIZE32(ntohs(param->param_length)); - if (bytes_left < param_size) return (0); + if (bytes_left < param_size) + return (0); if (++param_count > sysctl_param_proc_limit) { SN_LOG(SN_LOG_EVENT, @@ -1667,13 +1682,14 @@ return (SCTP_DEL_IP_ADDRESS); /* check others just in case */ bytes_left -= param_size; - if (bytes_left >= SN_MIN_PARAM_SIZE) { + if (bytes_left >= SN_MIN_PARAM_SIZE) param = SN_SCTP_NEXTPARAM(param); - } else { + else return (0); /*Neither found */ - } + param_size = SCTP_SIZE32(ntohs(param->param_length)); - if (bytes_left < param_size) return (0); + if (bytes_left < param_size) + return (0); if (++param_count > sysctl_param_proc_limit) { SN_LOG(SN_LOG_EVENT, @@ -1771,7 +1787,7 @@ assoc->g_port = sm->sctp_hdr->dest_port; if (sm->msg == SN_SCTP_INIT) assoc->g_vtag = sm->sctpchnk.Init->initiate_tag; - if (AddSctpAssocGlobal(la, assoc)) /* DB clash *///**** need to add dst address + if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add dst address */ return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR); if (sm->msg == SN_SCTP_ASCONF) { if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_dst)) /* DB clash */ @@ -1789,10 +1805,10 @@ if (AddSctpAssocLocal(la, assoc, sm->ip_hdr->ip_src)) /* DB clash */ return ((sm->msg == SN_SCTP_INIT) ? SN_REPLY_ABORT : SN_REPLY_ERROR); if (sm->msg == SN_SCTP_ASCONF) { - if (AddSctpAssocGlobal(la, assoc)) /* DB clash */ //**** need to add src address + if (AddSctpAssocGlobal(la, assoc)) /* DB clash: need to add src address */ return (SN_REPLY_ERROR); assoc->TableRegister |= SN_WAIT_TOGLOBAL; /* wait for toglobal ack */ - } + } break; } assoc->state = (sm->msg == SN_SCTP_INIT) ? SN_INi : SN_INa; @@ -1938,7 +1954,8 @@ case SCTP_DEL_IP_ADDRESS: RmGlobalIPAddresses(sm, assoc, direction); break; - } /* fall through to default */ + } + /* fall through to default */ default: sctp_ResetTimeOut(la,assoc, SN_U_T(la)); return (SN_NAT_PKT); /* forward packet */ @@ -2009,7 +2026,7 @@ * * @return pointer to association or NULL */ -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpLocal(struct libalias *la, struct in_addr l_addr, struct in_addr g_addr, uint32_t l_vtag, uint16_t l_port, uint16_t g_port) { u_int i; @@ -2046,8 +2063,8 @@ * * @return pointer to association or NULL */ -static struct sctp_nat_assoc* -FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc) +static struct sctp_nat_assoc * +FindSctpGlobalClash(struct libalias *la, struct sctp_nat_assoc *Cassoc) { u_int i; struct sctp_nat_assoc *assoc = NULL; @@ -2093,7 +2110,7 @@ * * @return pointer to association or NULL */ -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpGlobal(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t g_port, uint16_t l_port, int *partial_match) { u_int i; @@ -2134,7 +2151,7 @@ * * @return pointer to association or NULL */ -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpLocalT(struct libalias *la, struct in_addr g_addr, uint32_t l_vtag, uint16_t g_port, uint16_t l_port) { u_int i; @@ -2152,7 +2169,8 @@ return (assoc); /* full match */ } } else { - if (++cnt > 1) return (NULL); + if (++cnt > 1) + return (NULL); lastmatch = assoc; } } @@ -2176,7 +2194,7 @@ * * @return pointer to association or NULL */ -static struct sctp_nat_assoc* +static struct sctp_nat_assoc * FindSctpGlobalT(struct libalias *la, struct in_addr g_addr, uint32_t g_vtag, uint16_t l_port, uint16_t g_port) { u_int i; @@ -2282,8 +2300,9 @@ LIBALIAS_LOCK_ASSERT(la); found = FindSctpGlobalClash(la, assoc); if (found != NULL) { - if ((found->TableRegister == SN_GLOBAL_TBL) && \ - (found->l_addr.s_addr == assoc->l_addr.s_addr) && (found->l_port == assoc->l_port)) { /* resent message */ + if ((found->TableRegister == SN_GLOBAL_TBL) && + (found->l_addr.s_addr == assoc->l_addr.s_addr) && + (found->l_port == assoc->l_port)) { /* resent message */ RmSctpAssoc(la, found); sctp_RmTimeOut(la, found); freeGlobalAddressList(found); @@ -2515,7 +2534,7 @@ * @param direction Direction of packet */ static void -logsctperror(char* errormsg, uint32_t vtag, int error, int direction) +logsctperror(char *errormsg, uint32_t vtag, int error, int direction) { char dir; switch (direction) { @@ -2590,7 +2609,7 @@ * @param assoc pointer to sctp association * @param s Character that indicates the state of processing for this packet */ -static void logsctpassoc(struct sctp_nat_assoc *assoc, char* s) +static void logsctpassoc(struct sctp_nat_assoc *assoc, char *s) { struct sctp_GlobalAddress *G_Addr = NULL; char *sp; @@ -2642,7 +2661,7 @@ struct sctp_nat_assoc *assoc = NULL; SctpAliasLog("G->\n"); - for (i=0; i < la->sctpNatTableSize; i++) { + for (i = 0; i < la->sctpNatTableSize; i++) { LIST_FOREACH(assoc, &la->sctpTableGlobal[i], list_G) { logsctpassoc(assoc, " "); } @@ -2660,7 +2679,7 @@ struct sctp_nat_assoc *assoc = NULL; SctpAliasLog("L->\n"); - for (i=0; i < la->sctpNatTableSize; i++) { + for (i = 0; i < la->sctpNatTableSize; i++) { LIST_FOREACH(assoc, &la->sctpTableLocal[i], list_L) { logsctpassoc(assoc, " "); } @@ -2679,7 +2698,7 @@ struct sctp_nat_assoc *assoc = NULL; SctpAliasLog("t->\n"); - for (i=0; i < SN_TIMER_QUEUE_SIZE; i++) { + for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) { LIST_FOREACH(assoc, &la->sctpNatTimer.TimerQ[i], timer_Q) { snprintf(buf, 50, " l=%u ",i); //SctpAliasLog(la->logDesc," l=%d ",i); @@ -2705,8 +2724,7 @@ va_start(ap, format); vsnprintf(buffer, LIBALIAS_BUF_SIZE, format, ap); va_end(ap); - log(LOG_SECURITY | LOG_INFO, - "alias_sctp: %s", buffer); + log(LOG_SECURITY | LOG_INFO, "alias_sctp: %s", buffer); } #else static void diff --git a/sys/netinet/libalias/alias_skinny.c b/sys/netinet/libalias/alias_skinny.c --- a/sys/netinet/libalias/alias_skinny.c +++ b/sys/netinet/libalias/alias_skinny.c @@ -61,7 +61,6 @@ static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL) return (-1); if (la->skinnyPort != 0 && (ntohs(*ah->sport) == la->skinnyPort || @@ -73,8 +72,7 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - - AliasHandleSkinny(la, pip, ah->lnk); + AliasHandleSkinny(la, pip, ah->lnk); return (0); } @@ -116,7 +114,7 @@ "alias_skinny", mod_handler, NULL }; -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_skinny, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_skinny, 1); MODULE_DEPEND(alias_skinny, libalias, 1, 1, 1); @@ -153,10 +151,10 @@ /* #define LIBALIAS_DEBUG 1 */ /* Message types that need translating */ -#define REG_MSG 0x00000001 -#define IP_PORT_MSG 0x00000002 -#define OPNRCVCH_ACK 0x00000022 -#define START_MEDIATX 0x0000008a +#define REG_MSG 0x00000001 +#define IP_PORT_MSG 0x00000002 +#define OPNRCVCH_ACK 0x00000022 +#define START_MEDIATX 0x0000008a struct skinny_header { u_int32_t len; @@ -214,7 +212,7 @@ { (void)direction; - reg_msg->ipAddr = (u_int32_t) GetAliasAddress(lnk).s_addr; + reg_msg->ipAddr = (u_int32_t)GetAliasAddress(lnk).s_addr; tc->th_sum = 0; #ifdef _KERNEL @@ -257,7 +255,7 @@ { (void)direction; - port_msg->stationIpPort = (u_int32_t) ntohs(GetAliasPort(lnk)); + port_msg->stationIpPort = (u_int32_t)ntohs(GetAliasPort(lnk)); tc->th_sum = 0; #ifdef _KERNEL @@ -281,15 +279,15 @@ (void)lnk; (void)direction; - *localIpAddr = (u_int32_t) opnrcvch_ack->ipAddr; + *localIpAddr = (u_int32_t)opnrcvch_ack->ipAddr; localPort = opnrcvch_ack->port; null_addr.s_addr = INADDR_ANY; opnrcv_lnk = FindUdpTcpOut(la, pip->ip_src, null_addr, htons((u_short) opnrcvch_ack->port), 0, IPPROTO_UDP, 1); - opnrcvch_ack->ipAddr = (u_int32_t) GetAliasAddress(opnrcv_lnk).s_addr; - opnrcvch_ack->port = (u_int32_t) ntohs(GetAliasPort(opnrcv_lnk)); + opnrcvch_ack->ipAddr = (u_int32_t)GetAliasAddress(opnrcv_lnk).s_addr; + opnrcvch_ack->port = (u_int32_t)ntohs(GetAliasPort(opnrcv_lnk)); tc->th_sum = 0; #ifdef _KERNEL @@ -323,11 +321,11 @@ * handle the scenario where the call manager is on the inside, and * the calling phone is on the global outside. */ - if (ntohs(tc->th_dport) == la->skinnyPort) { + if (ntohs(tc->th_dport) == la->skinnyPort) direction = ClientToServer; - } else if (ntohs(tc->th_sport) == la->skinnyPort) { + else if (ntohs(tc->th_sport) == la->skinnyPort) direction = ServerToClient; - } else { + else { #ifdef LIBALIAS_DEBUG fprintf(stderr, "PacketAlias/Skinny: Invalid port number, not a Skinny packet\n"); diff --git a/sys/netinet/libalias/alias_smedia.c b/sys/netinet/libalias/alias_smedia.c --- a/sys/netinet/libalias/alias_smedia.c +++ b/sys/netinet/libalias/alias_smedia.c @@ -131,14 +131,13 @@ #define TFTP_PORT_NUMBER 69 static void -AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *, - int maxpacketsize); +AliasHandleRtspOut(struct libalias *, struct ip *, struct alias_link *, + int maxpacketsize); static int fingerprint(struct libalias *la, struct alias_data *ah) { - if (ah->dport != NULL && ah->aport != NULL && ah->sport != NULL && - ntohs(*ah->dport) == TFTP_PORT_NUMBER) + ntohs(*ah->dport) == TFTP_PORT_NUMBER) return (0); if (ah->dport == NULL || ah->sport == NULL || ah->lnk == NULL || ah->maxpktsize == 0) @@ -154,11 +153,10 @@ static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - if (ntohs(*ah->dport) == TFTP_PORT_NUMBER) FindRtspOut(la, pip->ip_src, pip->ip_dst, - *ah->sport, *ah->aport, IPPROTO_UDP); - else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize); + *ah->sport, *ah->aport, IPPROTO_UDP); + else AliasHandleRtspOut(la, pip, ah->lnk, ah->maxpktsize); return (0); } @@ -200,15 +198,15 @@ "alias_smedia", mod_handler, NULL }; -#ifdef _KERNEL +#ifdef _KERNEL DECLARE_MODULE(alias_smedia, alias_mod, SI_SUB_DRIVERS, SI_ORDER_SECOND); MODULE_VERSION(alias_smedia, 1); MODULE_DEPEND(alias_smedia, libalias, 1, 1, 1); #endif -#define RTSP_CONTROL_PORT_NUMBER_1 554 -#define RTSP_CONTROL_PORT_NUMBER_2 7070 -#define RTSP_PORT_GROUP 2 +#define RTSP_CONTROL_PORT_NUMBER_1 554 +#define RTSP_CONTROL_PORT_NUMBER_2 7070 +#define RTSP_PORT_GROUP 2 #define ISDIGIT(a) (((a) >= '0') && ((a) <= '9')) @@ -222,12 +220,10 @@ for (i = 0; i < dlen - search_str_len; i++) { for (j = i, k = 0; j < dlen - search_str_len; j++, k++) { if (data[j] != search_str[k] && - data[j] != search_str[k] - ('a' - 'A')) { + data[j] != search_str[k] - ('a' - 'A')) break; - } - if (k == search_str_len - 1) { + if (k == search_str_len - 1) return (j + 1); - } } } return (-1); @@ -259,9 +255,9 @@ /* Find keyword, "Transport: " */ pos = search_string(data, dlen, transport_str); - if (pos < 0) { + if (pos < 0) return (-1); - } + port_data = data + pos; port_dlen = dlen - pos; @@ -271,9 +267,9 @@ while (port_dlen > (int)strlen(port_str)) { /* Find keyword, appropriate port string */ pos = search_string(port_data, port_dlen, port_str); - if (pos < 0) { + if (pos < 0) break; - } + memcpy(port_newdata, port_data, pos + 1); port_newdata += (pos + 1); @@ -283,28 +279,22 @@ for (i = pos; i < port_dlen; i++) { switch (state) { case 0: - if (port_data[i] == '=') { + if (port_data[i] == '=') state++; - } break; case 1: - if (ISDIGIT(port_data[i])) { + if (ISDIGIT(port_data[i])) p[0] = p[0] * 10 + port_data[i] - '0'; - } else { - if (port_data[i] == ';') { - state = 3; - } - if (port_data[i] == '-') { - state++; - } - } + else if (port_data[i] == ';') + state = 3; + else if (port_data[i] == '-') + state++; break; case 2: - if (ISDIGIT(port_data[i])) { + if (ISDIGIT(port_data[i])) p[1] = p[1] * 10 + port_data[i] - '0'; - } else { + else state++; - } break; case 3: base_port = p[0]; @@ -409,10 +399,7 @@ tc->th_seq, tc->th_off); new_len = htons(hlen + new_dlen); - DifferentialChecksum(&pip->ip_sum, - &new_len, - &pip->ip_len, - 1); + DifferentialChecksum(&pip->ip_sum, &new_len, &pip->ip_len, 1); pip->ip_len = new_len; tc->th_sum = 0; @@ -445,10 +432,9 @@ work += 2; memcpy(&msg_len, work, 2); work += 2; - if (ntohs(msg_id) == 0) { - /* end of options */ + if (ntohs(msg_id) == 0) /* end of options */ return (0); - } + if ((ntohs(msg_id) == 1) || (ntohs(msg_id) == 7)) { memcpy(&port, work, 2); pna_links = FindUdpTcpOut(la, pip->ip_src, GetDestAddress(lnk), @@ -501,17 +487,15 @@ /* When aliasing a client, check for the SETUP request */ if ((ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_1) || (ntohs(tc->th_dport) == RTSP_CONTROL_PORT_NUMBER_2)) { - if (dlen >= (int)strlen(setup)) { - if (memcmp(data, setup, strlen(setup)) == 0) { - alias_rtsp_out(la, pip, lnk, data, client_port_str); - return; - } - } - if (dlen >= (int)strlen(pna)) { - if (memcmp(data, pna, strlen(pna)) == 0) { - alias_pna_out(la, pip, lnk, data, dlen); - } + if (dlen >= (int)strlen(setup) && + memcmp(data, setup, strlen(setup)) == 0) { + alias_rtsp_out(la, pip, lnk, data, client_port_str); + return; } + + if (dlen >= (int)strlen(pna) && + memcmp(data, pna, strlen(pna)) == 0) + alias_pna_out(la, pip, lnk, data, dlen); } else { /* * When aliasing a server, check for the 200 reply @@ -521,21 +505,20 @@ if (dlen >= (int)strlen(str200)) { for (parseOk = 0, i = 0; i <= dlen - (int)strlen(str200); - i++) { + i++) if (memcmp(&data[i], str200, strlen(str200)) == 0) { parseOk = 1; break; } - } + if (parseOk) { i += strlen(str200); /* skip string found */ while (data[i] == ' ') /* skip blank(s) */ i++; - if ((dlen - i) >= (int)strlen(okstr)) { + if ((dlen - i) >= (int)strlen(okstr)) if (memcmp(&data[i], okstr, strlen(okstr)) == 0) alias_rtsp_out(la, pip, lnk, data, server_port_str); - } } } } diff --git a/sys/netinet/libalias/alias_util.c b/sys/netinet/libalias/alias_util.c --- a/sys/netinet/libalias/alias_util.c +++ b/sys/netinet/libalias/alias_util.c @@ -72,8 +72,8 @@ * purposes); */ u_short -LibAliasInternetChecksum(struct libalias *la __unused, u_short * ptr, - int nbytes) +LibAliasInternetChecksum(struct libalias *la __unused, u_short *ptr, + int nbytes) { int sum, oddbyte; @@ -85,8 +85,8 @@ } if (nbytes == 1) { oddbyte = 0; - ((u_char *) & oddbyte)[0] = *(u_char *) ptr; - ((u_char *) & oddbyte)[1] = 0; + ((u_char *)&oddbyte)[0] = *(u_char *)ptr; + ((u_char *)&oddbyte)[1] = 0; sum += oddbyte; } sum = (sum >> 16) + (sum & 0xffff); @@ -95,11 +95,11 @@ return (~sum); } -#ifndef _KERNEL +#ifndef _KERNEL u_short IpChecksum(struct ip *pip) { - return (LibAliasInternetChecksum(NULL, (u_short *) pip, + return (LibAliasInternetChecksum(NULL, (u_short *)pip, (pip->ip_hl << 2))); } @@ -116,7 +116,7 @@ ntcp = ntohs(pip->ip_len) - nhdr; tc = (struct tcphdr *)ip_next(pip); - ptr = (u_short *) tc; + ptr = (u_short *)tc; /* Add up TCP header and data */ nbytes = ntcp; @@ -127,8 +127,8 @@ } if (nbytes == 1) { oddbyte = 0; - ((u_char *) & oddbyte)[0] = *(u_char *) ptr; - ((u_char *) & oddbyte)[1] = 0; + ((u_char *)&oddbyte)[0] = *(u_char *)ptr; + ((u_char *)&oddbyte)[1] = 0; sum += oddbyte; } /* "Pseudo-header" data */ @@ -138,20 +138,20 @@ ptr = (void *)&pip->ip_src; sum += *ptr++; sum += *ptr; - sum += htons((u_short) ntcp); - sum += htons((u_short) pip->ip_p); + sum += htons((u_short)ntcp); + sum += htons((u_short)pip->ip_p); /* Roll over carry bits */ sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); /* Return checksum */ - return ((u_short) ~ sum); + return ((u_short)~sum); } #endif /* not _KERNEL */ void -DifferentialChecksum(u_short * cksum, void *newp, void *oldp, int n) +DifferentialChecksum(u_short *cksum, void *newp, void *oldp, int n) { int i; int accumulate; @@ -168,10 +168,10 @@ accumulate = -accumulate; accumulate = (accumulate >> 16) + (accumulate & 0xffff); accumulate += accumulate >> 16; - *cksum = (u_short) ~ accumulate; + *cksum = (u_short)~accumulate; } else { accumulate = (accumulate >> 16) + (accumulate & 0xffff); accumulate += accumulate >> 16; - *cksum = (u_short) accumulate; + *cksum = (u_short)accumulate; } }