Date: Mon, 5 Jan 2009 14:48:43 +0000 (UTC) From: Paolo Pisati <piso@FreeBSD.org> To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r186779 - user/piso/sys/netinet/libalias Message-ID: <200901051448.n05EmhMn099183@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: piso Date: Mon Jan 5 14:48:43 2009 New Revision: 186779 URL: http://svn.freebsd.org/changeset/base/186779 Log: BSD indent a bit the code. Modified: user/piso/sys/netinet/libalias/alias_sctp.c user/piso/sys/netinet/libalias/alias_sctp.h Modified: user/piso/sys/netinet/libalias/alias_sctp.c ============================================================================== --- user/piso/sys/netinet/libalias/alias_sctp.c Mon Jan 5 14:46:46 2009 (r186778) +++ user/piso/sys/netinet/libalias/alias_sctp.c Mon Jan 5 14:48:43 2009 (r186779) @@ -99,9 +99,9 @@ */ /* Packet Parsing Functions */ static int sctp_PktParser(struct libalias *la, int direction, struct ip *pip, - struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc); + struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc); static int GetAsconfVtags(struct libalias *la, struct sctp_nat_msg *sm, - uint32_t *l_vtag, uint32_t *g_vtag, int direction); + uint32_t *l_vtag, uint32_t *g_vtag, int direction); static int IsASCONFack(struct libalias *la, struct sctp_nat_msg *sm, int direction); static void AddGlobalIPAddresses(struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int direction); @@ -111,20 +111,20 @@ static int IsADDorDEL(struct libalias *l /* State Machine Functions */ static int ProcessSctpMsg(struct libalias *la, int direction, \ - struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc); + struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc); static int ID_process(struct libalias *la, int direction,\ - struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); + struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); static int INi_process(struct libalias *la, int direction,\ - struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); + struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); static int INa_process(struct libalias *la, int direction,\ - struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); + struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); static int UP_process(struct libalias *la, int direction,\ - struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); + struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); static int CL_process(struct libalias *la, int direction,\ - struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); + struct sctp_nat_assoc *assoc, struct sctp_nat_msg *sm); static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm,\ - struct sctp_nat_assoc *assoc, int sndrply, int direction); + struct sctp_nat_assoc *assoc, int sndrply, int direction); /* Hash Table Functions */ static struct sctp_nat_assoc* @@ -340,9 +340,9 @@ static u_int sysctl_holddown_timer = 0; static u_int sysctl_hashtable_size = SN_DEFAULT_HASH_SIZE; /**< Sets the hash table size for any NEW NAT instances (existing instances retain their existing Hash Table */ /** @brief net.inet.ip.alias.sctp.error_on_ootb */ static u_int sysctl_error_on_ootb = 1; /**< NAT response to receipt of OOTB packet - (0 - No response, 1 - NAT will send ErrorM only to local side, - 2 - NAT will send local ErrorM and global ErrorM if there was a partial association match - 3 - NAT will send ErrorM to both local and global) */ + (0 - No response, 1 - NAT will send ErrorM only to local side, + 2 - NAT will send local ErrorM and global ErrorM if there was a partial association match + 3 - NAT will send ErrorM to both local and global) */ /** @brief net.inet.ip.alias.sctp.accept_global_ootb_addip */ static u_int sysctl_accept_global_ootb_addip = 0; /**<NAT responset to receipt of global OOTB AddIP (0 - No response, 1 - NAT will accept OOTB global AddIP messages for processing (Security risk)) */ /** @brief net.inet.ip.alias.sctp.initialising_chunk_proc_limit */ @@ -353,7 +353,7 @@ static u_int sysctl_chunk_proc_limit = 5 static u_int sysctl_param_proc_limit = 25; /**< A limit on the number of parameters (in chunks) that should be searched (DoS prevention) */ /** @brief net.inet.ip.alias.sctp.track_global_addresses */ static u_int sysctl_track_global_addresses = 0; /**< Configures the global address tracking option within the NAT (0 - Global tracking is disabled, > 0 - enables tracking but limits the number of global IP addresses to this value) - If set to >=1 the NAT will track that many global IP addresses. This may reduce look up table conflicts, but increases processing */ + If set to >=1 the NAT will track that many global IP addresses. This may reduce look up table conflicts, but increases processing */ #define SN_NO_ERROR_ON_OOTB 0 /**< Send no errorM on out of the blue packets */ #define SN_LOCAL_ERROR_ON_OOTB 1 /**< Send only local errorM on out of the blue packets */ @@ -369,41 +369,41 @@ SYSCTL_DECL(_net_inet_ip_alias); SYSCTL_NODE(_net_inet_ip_alias, OID_AUTO, sctp, CTLFLAG_RW, NULL, "SCTP NAT"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, log_level, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_log_level, 0, sysctl_chg_loglevel, "IU", - "Level of detail (0 - default, 1 - event, 2 - info, 3 - detail, 4 - debug, 5 - max debug)"); + &sysctl_log_level, 0, sysctl_chg_loglevel, "IU", + "Level of detail (0 - default, 1 - event, 2 - info, 3 - detail, 4 - debug, 5 - max debug)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, init_timer, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_init_timer, 0, sysctl_chg_timer, "IU", - "Timeout value (s) while waiting for (INIT-ACK|AddIP-ACK)"); + &sysctl_init_timer, 0, sysctl_chg_timer, "IU", + "Timeout value (s) while waiting for (INIT-ACK|AddIP-ACK)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, up_timer, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_up_timer, 0, sysctl_chg_timer, "IU", - "Timeout value (s) to keep an association up with no traffic"); + &sysctl_up_timer, 0, sysctl_chg_timer, "IU", + "Timeout value (s) to keep an association up with no traffic"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, shutdown_timer, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_shutdown_timer, 0, sysctl_chg_timer, "IU", - "Timeout value (s) while waiting for SHUTDOWN-COMPLETE"); + &sysctl_shutdown_timer, 0, sysctl_chg_timer, "IU", + "Timeout value (s) while waiting for SHUTDOWN-COMPLETE"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, holddown_timer, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_holddown_timer, 0, sysctl_chg_timer, "IU", - "Hold association in table for this many seconds after receiving a SHUTDOWN-COMPLETE"); + &sysctl_holddown_timer, 0, sysctl_chg_timer, "IU", + "Hold association in table for this many seconds after receiving a SHUTDOWN-COMPLETE"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, hashtable_size, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_hashtable_size, 0, sysctl_chg_hashtable_size, "IU", - "Size of hash tables used for NAT lookups (100 < prime_number > 1000001)"); + &sysctl_hashtable_size, 0, sysctl_chg_hashtable_size, "IU", + "Size of hash tables used for NAT lookups (100 < prime_number > 1000001)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, error_on_ootb, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_error_on_ootb, 0, sysctl_chg_error_on_ootb, "IU", - "ErrorM sent on receipt of ootb packet:\n\t0 - none,\n\t1 - to local only,\n\t2 - to local and global if a partial association match,\n\t3 - to local and global (DoS risk)"); + &sysctl_error_on_ootb, 0, sysctl_chg_error_on_ootb, "IU", + "ErrorM sent on receipt of ootb packet:\n\t0 - none,\n\t1 - to local only,\n\t2 - to local and global if a partial association match,\n\t3 - to local and global (DoS risk)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, accept_global_ootb_addip, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_accept_global_ootb_addip, 0, sysctl_chg_accept_global_ootb_addip, "IU", - "NAT response to receipt of global OOTB AddIP:\n\t0 - No response,\n\t1 - NAT will accept OOTB global AddIP messages for processing (Security risk)"); + &sysctl_accept_global_ootb_addip, 0, sysctl_chg_accept_global_ootb_addip, "IU", + "NAT response to receipt of global OOTB AddIP:\n\t0 - No response,\n\t1 - NAT will accept OOTB global AddIP messages for processing (Security risk)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, initialising_chunk_proc_limit, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_initialising_chunk_proc_limit, 0, sysctl_chg_initialising_chunk_proc_limit, "IU", - "Number of chunks that should be processed if there is no current association found:\n\t > 0 (A high value is a DoS risk)"); + &sysctl_initialising_chunk_proc_limit, 0, sysctl_chg_initialising_chunk_proc_limit, "IU", + "Number of chunks that should be processed if there is no current association found:\n\t > 0 (A high value is a DoS risk)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, chunk_proc_limit, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_chunk_proc_limit, 0, sysctl_chg_chunk_proc_limit, "IU", - "Number of chunks that should be processed to find key chunk:\n\t>= initialising_chunk_proc_limit (A high value is a DoS risk)"); + &sysctl_chunk_proc_limit, 0, sysctl_chg_chunk_proc_limit, "IU", + "Number of chunks that should be processed to find key chunk:\n\t>= initialising_chunk_proc_limit (A high value is a DoS risk)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, param_proc_limit, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_param_proc_limit, 0, sysctl_chg_param_proc_limit, "IU", - "Number of parameters (in a chunk) that should be processed to find key parameters:\n\t> 1 (A high value is a DoS risk)"); + &sysctl_param_proc_limit, 0, sysctl_chg_param_proc_limit, "IU", + "Number of parameters (in a chunk) that should be processed to find key parameters:\n\t> 1 (A high value is a DoS risk)"); SYSCTL_PROC(_net_inet_ip_alias_sctp, OID_AUTO, track_global_addresses, CTLTYPE_UINT | CTLFLAG_RW, - &sysctl_track_global_addresses, 0, sysctl_chg_track_global_addresses, "IU", - "Configures the global address tracking option within the NAT:\n\t0 - Global tracking is disabled,\n\t> 0 - enables tracking but limits the number of global IP addresses to this value"); + &sysctl_track_global_addresses, 0, sysctl_chg_track_global_addresses, "IU", + "Configures the global address tracking option within the NAT:\n\t0 - Global tracking is disabled,\n\t> 0 - enables tracking but limits the number of global IP addresses to this value"); #endif /* SYSCTL_NODE */ @@ -416,16 +416,16 @@ SYSCTL_PROC(_net_inet_ip_alias_sctp, OID */ int sysctl_chg_loglevel(SYSCTL_HANDLER_ARGS) { - u_int level = *(u_int *)arg1; - int error; + u_int level = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &level, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &level, 0, req); + if (error) return (error); - sysctl_log_level = (level > SN_LOG_DEBUG_MAX)?(SN_LOG_DEBUG_MAX):(level); - sysctl_log_level = (level < SN_LOG_LOW)?(SN_LOG_LOW):(level); + sysctl_log_level = (level > SN_LOG_DEBUG_MAX)?(SN_LOG_DEBUG_MAX):(level); + sysctl_log_level = (level < SN_LOG_LOW)?(SN_LOG_LOW):(level); - return (0); + return (0); } /** @ingroup sysctl @@ -437,22 +437,22 @@ int sysctl_chg_loglevel(SYSCTL_HANDLER_A */ int sysctl_chg_timer(SYSCTL_HANDLER_ARGS) { - u_int timer = *(u_int *)arg1; - int error; + u_int timer = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &timer, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &timer, 0, req); + if (error) return (error); - timer = (timer > SN_MAX_TIMER)?(SN_MAX_TIMER):(timer); + timer = (timer > SN_MAX_TIMER)?(SN_MAX_TIMER):(timer); - if (((u_int *)arg1) != &sysctl_holddown_timer) - { - timer = (timer < SN_MIN_TIMER)?(SN_MIN_TIMER):(timer); - } + if (((u_int *)arg1) != &sysctl_holddown_timer) + { + timer = (timer < SN_MIN_TIMER)?(SN_MIN_TIMER):(timer); + } - *(u_int *)arg1 = timer; + *(u_int *)arg1 = timer; - return (0); + return (0); } /** @ingroup sysctl @@ -466,20 +466,20 @@ int sysctl_chg_timer(SYSCTL_HANDLER_ARGS */ int sysctl_chg_hashtable_size(SYSCTL_HANDLER_ARGS) { - u_int size = *(u_int *)arg1; - int error; + u_int size = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &size, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &size, 0, req); + if (error) return (error); - size = (size < SN_MIN_HASH_SIZE)?(SN_MIN_HASH_SIZE):((size > SN_MAX_HASH_SIZE)?(SN_MAX_HASH_SIZE):(size)); + size = (size < SN_MIN_HASH_SIZE)?(SN_MIN_HASH_SIZE):((size > SN_MAX_HASH_SIZE)?(SN_MAX_HASH_SIZE):(size)); - size |= 0x00000001; /* make odd */ + size |= 0x00000001; /* make odd */ - for(;(((size % 3) == 0) || ((size % 5) == 0) || ((size % 7) == 0) || ((size % 11) == 0)); size+=2); - sysctl_hashtable_size = size; + for(;(((size % 3) == 0) || ((size % 5) == 0) || ((size % 7) == 0) || ((size % 11) == 0)); size+=2); + sysctl_hashtable_size = size; - return (0); + return (0); } /** @ingroup sysctl @@ -494,15 +494,15 @@ int sysctl_chg_hashtable_size(SYSCTL_HAN */ int sysctl_chg_error_on_ootb(SYSCTL_HANDLER_ARGS) { - u_int flag = *(u_int *)arg1; - int error; + u_int flag = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &flag, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &flag, 0, req); + if (error) return (error); - sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag; + sysctl_error_on_ootb = (flag > SN_ERROR_ON_OOTB) ? SN_ERROR_ON_OOTB: flag; - return (0); + return (0); } /** @ingroup sysctl @@ -513,15 +513,15 @@ int sysctl_chg_error_on_ootb(SYSCTL_HAND */ int sysctl_chg_accept_global_ootb_addip(SYSCTL_HANDLER_ARGS) { - u_int flag = *(u_int *)arg1; - int error; + u_int flag = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &flag, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &flag, 0, req); + if (error) return (error); - sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0; + sysctl_accept_global_ootb_addip = (flag == 1) ? 1: 0; - return (0); + return (0); } /** @ingroup sysctl @@ -533,17 +533,17 @@ int sysctl_chg_accept_global_ootb_addip( */ int sysctl_chg_initialising_chunk_proc_limit(SYSCTL_HANDLER_ARGS) { - u_int proclimit = *(u_int *)arg1; - int error; + u_int proclimit = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &proclimit, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &proclimit, 0, req); + if (error) return (error); - sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit; - sysctl_chunk_proc_limit = - (sysctl_chunk_proc_limit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : sysctl_chunk_proc_limit; + sysctl_initialising_chunk_proc_limit = (proclimit < 1) ? 1: proclimit; + sysctl_chunk_proc_limit = + (sysctl_chunk_proc_limit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : sysctl_chunk_proc_limit; - return (0); + return (0); } /** @ingroup sysctl @@ -555,16 +555,16 @@ int sysctl_chg_initialising_chunk_proc_l */ int sysctl_chg_chunk_proc_limit(SYSCTL_HANDLER_ARGS) { - u_int proclimit = *(u_int *)arg1; - int error; + u_int proclimit = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &proclimit, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &proclimit, 0, req); + if (error) return (error); - sysctl_chunk_proc_limit = - (proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit; + sysctl_chunk_proc_limit = + (proclimit < sysctl_initialising_chunk_proc_limit) ? sysctl_initialising_chunk_proc_limit : proclimit; - return (0); + return (0); } @@ -577,16 +577,16 @@ int sysctl_chg_chunk_proc_limit(SYSCTL_H */ int sysctl_chg_param_proc_limit(SYSCTL_HANDLER_ARGS) { - u_int proclimit = *(u_int *)arg1; - int error; + u_int proclimit = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &proclimit, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &proclimit, 0, req); + if (error) return (error); - sysctl_param_proc_limit = - (proclimit < 2) ? 2 : proclimit; + sysctl_param_proc_limit = + (proclimit < 2) ? 2 : proclimit; - return (0); + return (0); } /** @ingroup sysctl @@ -598,15 +598,15 @@ int sysctl_chg_param_proc_limit(SYSCTL_H */ int sysctl_chg_track_global_addresses(SYSCTL_HANDLER_ARGS) { - u_int num_to_track = *(u_int *)arg1; - int error; + u_int num_to_track = *(u_int *)arg1; + int error; - error = sysctl_handle_int(oidp, &num_to_track, 0, req); - if (error) return (error); + error = sysctl_handle_int(oidp, &num_to_track, 0, req); + if (error) return (error); - sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track; + sysctl_track_global_addresses = (num_to_track > SN_MAX_GLOBAL_ADDRESSES) ? SN_MAX_GLOBAL_ADDRESSES : num_to_track; - return (0); + return (0); } @@ -624,30 +624,30 @@ int sysctl_chg_track_global_addresses(SY */ void AliasSctpInit(struct libalias *la) { - /* Initialise association tables*/ - int i; - la->sctpNatTableSize = sysctl_hashtable_size; - SN_LOG(SN_LOG_EVENT, - SctpAliasLog("Initialising SCTP NAT Instance (hash_table_size:%d)\n", la->sctpNatTableSize)); - la->sctpTableLocal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableL)); - la->sctpTableGlobal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableG)); - la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct sctpTimerQ)); - /* Initialise hash table */ - for (i = 0; i < la->sctpNatTableSize; i++) { - LIST_INIT(&la->sctpTableLocal[i]); - LIST_INIT(&la->sctpTableGlobal[i]); - } - - /* Initialise circular timer Q*/ - for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) - LIST_INIT(&la->sctpNatTimer.TimerQ[i]); + /* Initialise association tables*/ + int i; + la->sctpNatTableSize = sysctl_hashtable_size; + SN_LOG(SN_LOG_EVENT, + SctpAliasLog("Initialising SCTP NAT Instance (hash_table_size:%d)\n", la->sctpNatTableSize)); + la->sctpTableLocal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableL)); + la->sctpTableGlobal = sn_calloc(la->sctpNatTableSize, sizeof(struct sctpNatTableG)); + la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct sctpTimerQ)); + /* Initialise hash table */ + for (i = 0; i < la->sctpNatTableSize; i++) { + LIST_INIT(&la->sctpTableLocal[i]); + LIST_INIT(&la->sctpTableGlobal[i]); + } + + /* Initialise circular timer Q*/ + for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) + LIST_INIT(&la->sctpNatTimer.TimerQ[i]); #ifdef _KERNEL - la->sctpNatTimer.loc_time=time_uptime; /* la->timeStamp is not set yet */ + la->sctpNatTimer.loc_time=time_uptime; /* la->timeStamp is not set yet */ #else - la->sctpNatTimer.loc_time=la->timeStamp; + la->sctpNatTimer.loc_time=la->timeStamp; #endif - la->sctpNatTimer.cur_loc = 0; - la->sctpLinkCount = 0; + la->sctpNatTimer.cur_loc = 0; + la->sctpLinkCount = 0; } /** @@ -664,25 +664,25 @@ void AliasSctpInit(struct libalias *la) */ void AliasSctpTerm(struct libalias *la) { - struct sctp_nat_assoc *assoc1, *assoc2; - int i; + struct sctp_nat_assoc *assoc1, *assoc2; + int i; + + LIBALIAS_LOCK_ASSERT(la); + SN_LOG(SN_LOG_EVENT, + SctpAliasLog("Removing SCTP NAT Instance\n")); + for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) { + assoc1 = LIST_FIRST(&la->sctpNatTimer.TimerQ[i]); + while (assoc1 != NULL) { + freeGlobalAddressList(assoc1); + assoc2 = LIST_NEXT(assoc1, timer_Q); + sn_free(assoc1); + assoc1 = assoc2; + } + } - LIBALIAS_LOCK_ASSERT(la); - SN_LOG(SN_LOG_EVENT, - SctpAliasLog("Removing SCTP NAT Instance\n")); - for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++) { - assoc1 = LIST_FIRST(&la->sctpNatTimer.TimerQ[i]); - while (assoc1 != NULL) { - freeGlobalAddressList(assoc1); - assoc2 = LIST_NEXT(assoc1, timer_Q); - sn_free(assoc1); - assoc1 = assoc2; - } - } - - sn_free(la->sctpTableLocal); - sn_free(la->sctpTableGlobal); - sn_free(la->sctpNatTimer.TimerQ); + sn_free(la->sctpTableLocal); + sn_free(la->sctpTableGlobal); + sn_free(la->sctpNatTimer.TimerQ); } /** @@ -711,122 +711,122 @@ void AliasSctpTerm(struct libalias *la) int SctpAlias(struct libalias *la, struct ip *pip, int direction) { - int rtnval; - struct sctp_nat_msg msg; - struct sctp_nat_assoc *assoc = NULL; - - if ((direction != SN_TO_LOCAL) && (direction != SN_TO_GLOBAL)) { - SctpAliasLog("ERROR: Invalid direction\n"); - return(PKT_ALIAS_ERROR); - } - - sctp_CheckTimers(la); /* Check timers */ - - /* Parse the packet */ - rtnval = sctp_PktParser(la, direction, pip, &msg, &assoc); //using *char (change to mbuf when get code from paolo) - switch (rtnval) { - case SN_PARSE_OK: - break; - case SN_PARSE_ERROR_CHHL: - /* Not an error if there is a chunk length parsing error and this is a fragmented packet */ - if (ntohs(pip->ip_off) & IP_MF) { - rtnval = SN_PARSE_OK; - break; - } - SN_LOG(SN_LOG_EVENT, - logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); - return(PKT_ALIAS_ERROR); - case SN_PARSE_ERROR_PARTIALLOOKUP: - if (sysctl_error_on_ootb > SN_LOCALandPARTIAL_ERROR_ON_OOTB) { - SN_LOG(SN_LOG_EVENT, - logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); - return(PKT_ALIAS_ERROR); - } - case SN_PARSE_ERROR_LOOKUP: - if (sysctl_error_on_ootb == SN_ERROR_ON_OOTB || - (sysctl_error_on_ootb == SN_LOCALandPARTIAL_ERROR_ON_OOTB && direction == SN_TO_LOCAL) || - (sysctl_error_on_ootb == SN_LOCAL_ERROR_ON_OOTB && direction == SN_TO_GLOBAL)) { - TxAbortErrorM(la, &msg, assoc, SN_REFLECT_ERROR, direction); /*NB assoc=NULL */ - return(PKT_ALIAS_RESPOND); - } - default: - SN_LOG(SN_LOG_EVENT, - logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); - return(PKT_ALIAS_ERROR); - } - - SN_LOG(SN_LOG_DETAIL, - logsctpassoc(assoc, "*"); - logsctpparse(direction, &msg); - ); - - /* Process the SCTP message */ - rtnval = ProcessSctpMsg(la, direction, &msg, assoc); - - SN_LOG(SN_LOG_DEBUG_MAX, - logsctpassoc(assoc, "-"); - logSctpLocal(la); - logSctpGlobal(la); - ); - SN_LOG(SN_LOG_DEBUG, logTimerQ(la)); - - switch(rtnval){ - case SN_NAT_PKT: - switch(direction) { - case SN_TO_LOCAL: - DifferentialChecksum(&(msg.ip_hdr->ip_sum), - &(assoc->l_addr), &(msg.ip_hdr->ip_dst), 2); - msg.ip_hdr->ip_dst = assoc->l_addr; /* change dst address to local address*/ - break; - case SN_TO_GLOBAL: - DifferentialChecksum(&(msg.ip_hdr->ip_sum), - &(assoc->a_addr), &(msg.ip_hdr->ip_src), 2); - msg.ip_hdr->ip_src = assoc->a_addr; /* change src to alias addr*/ - break; - default: - rtnval = SN_DROP_PKT; /* shouldn't get here, but if it does drop packet */ - SN_LOG(SN_LOG_LOW, logsctperror("ERROR: Invalid direction", msg.sctp_hdr->v_tag, rtnval, direction)); - break; - } - break; - case SN_DROP_PKT: - SN_LOG(SN_LOG_DETAIL, logsctperror("SN_DROP_PKT", msg.sctp_hdr->v_tag, rtnval, direction)); - break; - case SN_REPLY_ABORT: - case SN_REPLY_ERROR: - case SN_SEND_ABORT: - TxAbortErrorM(la, &msg, assoc, rtnval, direction); - break; - default: - // big error, remove association and go to idle and write log messages - SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); - assoc->state=SN_RM;/* Mark for removal*/ - break; - } - - /* Remove association if tagged for removal */ - if (assoc->state == SN_RM) { - if (assoc->TableRegister) { - sctp_RmTimeOut(la, assoc); - RmSctpAssoc(la, assoc); - } - LIBALIAS_LOCK_ASSERT(la); - freeGlobalAddressList(assoc); - sn_free(assoc); - } - switch(rtnval) { - case SN_NAT_PKT: - return(PKT_ALIAS_OK); - case SN_SEND_ABORT: - return(PKT_ALIAS_OK); - case SN_REPLY_ABORT: - case SN_REPLY_ERROR: - case SN_REFLECT_ERROR: - return(PKT_ALIAS_RESPOND); - case SN_DROP_PKT: - default: - return(PKT_ALIAS_ERROR); - } + int rtnval; + struct sctp_nat_msg msg; + struct sctp_nat_assoc *assoc = NULL; + + if ((direction != SN_TO_LOCAL) && (direction != SN_TO_GLOBAL)) { + SctpAliasLog("ERROR: Invalid direction\n"); + return(PKT_ALIAS_ERROR); + } + + sctp_CheckTimers(la); /* Check timers */ + + /* Parse the packet */ + rtnval = sctp_PktParser(la, direction, pip, &msg, &assoc); //using *char (change to mbuf when get code from paolo) + switch (rtnval) { + case SN_PARSE_OK: + break; + case SN_PARSE_ERROR_CHHL: + /* Not an error if there is a chunk length parsing error and this is a fragmented packet */ + if (ntohs(pip->ip_off) & IP_MF) { + rtnval = SN_PARSE_OK; + break; + } + SN_LOG(SN_LOG_EVENT, + logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); + return(PKT_ALIAS_ERROR); + case SN_PARSE_ERROR_PARTIALLOOKUP: + if (sysctl_error_on_ootb > SN_LOCALandPARTIAL_ERROR_ON_OOTB) { + SN_LOG(SN_LOG_EVENT, + logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); + return(PKT_ALIAS_ERROR); + } + case SN_PARSE_ERROR_LOOKUP: + if (sysctl_error_on_ootb == SN_ERROR_ON_OOTB || + (sysctl_error_on_ootb == SN_LOCALandPARTIAL_ERROR_ON_OOTB && direction == SN_TO_LOCAL) || + (sysctl_error_on_ootb == SN_LOCAL_ERROR_ON_OOTB && direction == SN_TO_GLOBAL)) { + TxAbortErrorM(la, &msg, assoc, SN_REFLECT_ERROR, direction); /*NB assoc=NULL */ + return(PKT_ALIAS_RESPOND); + } + default: + SN_LOG(SN_LOG_EVENT, + logsctperror("SN_PARSE_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); + return(PKT_ALIAS_ERROR); + } + + SN_LOG(SN_LOG_DETAIL, + logsctpassoc(assoc, "*"); + logsctpparse(direction, &msg); + ); + + /* Process the SCTP message */ + rtnval = ProcessSctpMsg(la, direction, &msg, assoc); + + SN_LOG(SN_LOG_DEBUG_MAX, + logsctpassoc(assoc, "-"); + logSctpLocal(la); + logSctpGlobal(la); + ); + SN_LOG(SN_LOG_DEBUG, logTimerQ(la)); + + switch(rtnval){ + case SN_NAT_PKT: + switch(direction) { + case SN_TO_LOCAL: + DifferentialChecksum(&(msg.ip_hdr->ip_sum), + &(assoc->l_addr), &(msg.ip_hdr->ip_dst), 2); + msg.ip_hdr->ip_dst = assoc->l_addr; /* change dst address to local address*/ + break; + case SN_TO_GLOBAL: + DifferentialChecksum(&(msg.ip_hdr->ip_sum), + &(assoc->a_addr), &(msg.ip_hdr->ip_src), 2); + msg.ip_hdr->ip_src = assoc->a_addr; /* change src to alias addr*/ + break; + default: + rtnval = SN_DROP_PKT; /* shouldn't get here, but if it does drop packet */ + SN_LOG(SN_LOG_LOW, logsctperror("ERROR: Invalid direction", msg.sctp_hdr->v_tag, rtnval, direction)); + break; + } + break; + case SN_DROP_PKT: + SN_LOG(SN_LOG_DETAIL, logsctperror("SN_DROP_PKT", msg.sctp_hdr->v_tag, rtnval, direction)); + break; + case SN_REPLY_ABORT: + case SN_REPLY_ERROR: + case SN_SEND_ABORT: + TxAbortErrorM(la, &msg, assoc, rtnval, direction); + break; + default: + // big error, remove association and go to idle and write log messages + SN_LOG(SN_LOG_LOW, logsctperror("SN_PROCESSING_ERROR", msg.sctp_hdr->v_tag, rtnval, direction)); + assoc->state=SN_RM;/* Mark for removal*/ + break; + } + + /* Remove association if tagged for removal */ + if (assoc->state == SN_RM) { + if (assoc->TableRegister) { + sctp_RmTimeOut(la, assoc); + RmSctpAssoc(la, assoc); + } + LIBALIAS_LOCK_ASSERT(la); + freeGlobalAddressList(assoc); + sn_free(assoc); + } + switch(rtnval) { + case SN_NAT_PKT: + return(PKT_ALIAS_OK); + case SN_SEND_ABORT: + return(PKT_ALIAS_OK); + case SN_REPLY_ABORT: + case SN_REPLY_ERROR: + case SN_REFLECT_ERROR: + return(PKT_ALIAS_RESPOND); + case SN_DROP_PKT: + default: + return(PKT_ALIAS_ERROR); + } } /** @@ -865,92 +865,92 @@ SctpAlias(struct libalias *la, struct ip static void TxAbortErrorM(struct libalias *la, struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc, int sndrply, int direction) { - int sctp_size = sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_error_cause); - int ip_size = sizeof(struct ip) + sctp_size; - int include_error_cause = 1; - char tmp_ip[ip_size]; - - if (ntohs(sm->ip_hdr->ip_len) < ip_size) { /* short packet, cannot send error cause */ - include_error_cause = 0; - ip_size = ip_size - sizeof(struct sctp_error_cause); - sctp_size = sctp_size - sizeof(struct sctp_error_cause); - } - /* Assign header pointers packet */ - struct ip* ip = (struct ip *) tmp_ip; - struct sctphdr* sctp_hdr = (struct sctphdr *) ((char *) ip + sizeof(*ip)); - struct sctp_chunkhdr* chunk_hdr = (struct sctp_chunkhdr *) ((char *) sctp_hdr + sizeof(*sctp_hdr)); - struct sctp_error_cause* error_cause = (struct sctp_error_cause *) ((char *) chunk_hdr + sizeof(*chunk_hdr)); - - /* construct ip header */ - ip->ip_v = sm->ip_hdr->ip_v; - ip->ip_hl = 5; /* 5*32 bit words */ - ip->ip_tos = 0; - ip->ip_len = htons(ip_size); - ip->ip_id = sm->ip_hdr->ip_id; - ip->ip_off = 0; - ip->ip_ttl = 255; - ip->ip_p = IPPROTO_SCTP; - /* - The definitions below should be removed when they make it into the SCTP stack - */ + int sctp_size = sizeof(struct sctphdr) + sizeof(struct sctp_chunkhdr) + sizeof(struct sctp_error_cause); + int ip_size = sizeof(struct ip) + sctp_size; + int include_error_cause = 1; + char tmp_ip[ip_size]; + + if (ntohs(sm->ip_hdr->ip_len) < ip_size) { /* short packet, cannot send error cause */ + include_error_cause = 0; + ip_size = ip_size - sizeof(struct sctp_error_cause); + sctp_size = sctp_size - sizeof(struct sctp_error_cause); + } + /* Assign header pointers packet */ + struct ip* ip = (struct ip *) tmp_ip; + struct sctphdr* sctp_hdr = (struct sctphdr *) ((char *) ip + sizeof(*ip)); + struct sctp_chunkhdr* chunk_hdr = (struct sctp_chunkhdr *) ((char *) sctp_hdr + sizeof(*sctp_hdr)); + struct sctp_error_cause* error_cause = (struct sctp_error_cause *) ((char *) chunk_hdr + sizeof(*chunk_hdr)); + + /* construct ip header */ + ip->ip_v = sm->ip_hdr->ip_v; + ip->ip_hl = 5; /* 5*32 bit words */ + ip->ip_tos = 0; + ip->ip_len = htons(ip_size); + ip->ip_id = sm->ip_hdr->ip_id; + ip->ip_off = 0; + ip->ip_ttl = 255; + ip->ip_p = IPPROTO_SCTP; + /* + The definitions below should be removed when they make it into the SCTP stack + */ #define SCTP_MIDDLEBOX_FLAG 0x02 #define SCTP_NAT_TABLE_COLLISION 0x00b0 #define SCTP_MISSING_NAT 0x00b1 - chunk_hdr->chunk_type = (sndrply & SN_TX_ABORT) ? SCTP_ABORT_ASSOCIATION : SCTP_OPERATION_ERROR; - chunk_hdr->chunk_flags = SCTP_MIDDLEBOX_FLAG; - if (include_error_cause) { - error_cause->code = htons((sndrply & SN_REFLECT_ERROR) ? SCTP_MISSING_NAT : SCTP_NAT_TABLE_COLLISION); - error_cause->length = htons(sizeof(struct sctp_error_cause)); - chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr) + sizeof(struct sctp_error_cause)); - } else { - chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr)); - } - - /* set specific values */ - switch(sndrply) { - case SN_REFLECT_ERROR: - chunk_hdr->chunk_flags |= SCTP_HAD_NO_TCB; /* set Tbit */ - sctp_hdr->v_tag = sm->sctp_hdr->v_tag; - break; - case SN_REPLY_ERROR: - sctp_hdr->v_tag = (direction == SN_TO_LOCAL) ? assoc->g_vtag : assoc->l_vtag ; - break; - case SN_SEND_ABORT: - sctp_hdr->v_tag = sm->sctp_hdr->v_tag; - break; - case SN_REPLY_ABORT: - sctp_hdr->v_tag = sm->sctpchnk.Init->initiate_tag; - break; - } + chunk_hdr->chunk_type = (sndrply & SN_TX_ABORT) ? SCTP_ABORT_ASSOCIATION : SCTP_OPERATION_ERROR; + chunk_hdr->chunk_flags = SCTP_MIDDLEBOX_FLAG; + if (include_error_cause) { + error_cause->code = htons((sndrply & SN_REFLECT_ERROR) ? SCTP_MISSING_NAT : SCTP_NAT_TABLE_COLLISION); + error_cause->length = htons(sizeof(struct sctp_error_cause)); + chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr) + sizeof(struct sctp_error_cause)); + } else { + chunk_hdr->chunk_length = htons(sizeof(*chunk_hdr)); + } + + /* set specific values */ + switch(sndrply) { + case SN_REFLECT_ERROR: + chunk_hdr->chunk_flags |= SCTP_HAD_NO_TCB; /* set Tbit */ + sctp_hdr->v_tag = sm->sctp_hdr->v_tag; + break; + case SN_REPLY_ERROR: + sctp_hdr->v_tag = (direction == SN_TO_LOCAL) ? assoc->g_vtag : assoc->l_vtag ; + break; + case SN_SEND_ABORT: + sctp_hdr->v_tag = sm->sctp_hdr->v_tag; + break; + case SN_REPLY_ABORT: + sctp_hdr->v_tag = sm->sctpchnk.Init->initiate_tag; + break; + } - /* Set send/reply values */ - if (sndrply == SN_SEND_ABORT) { /*pass through NAT */ - ip->ip_src = (direction == SN_TO_LOCAL) ? sm->ip_hdr->ip_src : assoc->a_addr; - ip->ip_dst = (direction == SN_TO_LOCAL) ? assoc->l_addr : sm->ip_hdr->ip_dst; - sctp_hdr->src_port = sm->sctp_hdr->src_port; - sctp_hdr->dest_port = sm->sctp_hdr->dest_port; - } else { /* reply and reflect */ - ip->ip_src = sm->ip_hdr->ip_dst; - ip->ip_dst = sm->ip_hdr->ip_src; - sctp_hdr->src_port = sm->sctp_hdr->dest_port; - sctp_hdr->dest_port = sm->sctp_hdr->src_port; - } + /* Set send/reply values */ + if (sndrply == SN_SEND_ABORT) { /*pass through NAT */ + ip->ip_src = (direction == SN_TO_LOCAL) ? sm->ip_hdr->ip_src : assoc->a_addr; + ip->ip_dst = (direction == SN_TO_LOCAL) ? assoc->l_addr : sm->ip_hdr->ip_dst; + sctp_hdr->src_port = sm->sctp_hdr->src_port; + sctp_hdr->dest_port = sm->sctp_hdr->dest_port; + } else { /* reply and reflect */ + ip->ip_src = sm->ip_hdr->ip_dst; + ip->ip_dst = sm->ip_hdr->ip_src; + sctp_hdr->src_port = sm->sctp_hdr->dest_port; + sctp_hdr->dest_port = sm->sctp_hdr->src_port; + } - /* Calculate IP header checksum */ - ip->ip_sum = in_cksum_hdr(ip); + /* Calculate IP header checksum */ + ip->ip_sum = in_cksum_hdr(ip); - /* calculate SCTP header CRC32 */ - sctp_hdr->checksum = 0; - sctp_hdr->checksum = sctp_csum_finalize(update_crc32(0xffffffff, (unsigned char *) sctp_hdr, sctp_size)); - - memcpy(sm->ip_hdr, ip, ip_size); - - SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n", - ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"), - ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"), - (include_error_cause ? ntohs(error_cause->code) : 0), - inet_ntoa(ip->ip_dst),ntohs(sctp_hdr->dest_port), - ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum))); + /* calculate SCTP header CRC32 */ + sctp_hdr->checksum = 0; + sctp_hdr->checksum = sctp_csum_finalize(update_crc32(0xffffffff, (unsigned char *) sctp_hdr, sctp_size)); + + memcpy(sm->ip_hdr, ip, ip_size); + + SN_LOG(SN_LOG_EVENT,SctpAliasLog("%s %s 0x%x (->%s:%u vtag=0x%x crc=0x%x)\n", + ((sndrply == SN_SEND_ABORT) ? "Sending" : "Replying"), + ((sndrply & SN_TX_ERROR) ? "ErrorM" : "AbortM"), + (include_error_cause ? ntohs(error_cause->code) : 0), + inet_ntoa(ip->ip_dst),ntohs(sctp_hdr->dest_port), + ntohl(sctp_hdr->v_tag), ntohl(sctp_hdr->checksum))); } /* ---------------------------------------------------------------------- @@ -980,209 +980,209 @@ TxAbortErrorM(struct libalias *la, struc */ static int sctp_PktParser(struct libalias *la, int direction, struct ip *pip, - struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc) + struct sctp_nat_msg *sm, struct sctp_nat_assoc **passoc) //sctp_PktParser(int direction, struct mbuf *ipak, int ip_hdr_len,struct sctp_nat_msg *sm, struct sctp_nat_assoc *assoc) { - struct sctphdr *sctp_hdr; - struct sctp_chunkhdr *chunk_hdr; - struct sctp_paramhdr *param_hdr; - struct in_addr ipv4addr; - int bytes_left; /* bytes left in ip packet */ - int chunk_length; - int chunk_count; - int partial_match = 0; - // mbuf *mp; - // int mlen; - - // mlen = SCTP_HEADER_LEN(i_pak); - // mp = SCTP_HEADER_TO_CHAIN(i_pak); /* does nothing in bsd since header and chain not separate */ - - /* - * Note, that if the VTag is zero, it must be an INIT - * Also, I am only interested in the content of INIT and ADDIP chunks - */ - - // no mbuf stuff from Paolo yet so ... - sm->ip_hdr = pip; - /* remove ip header length from the bytes_left */ - bytes_left = ntohs(pip->ip_len) - (pip->ip_hl << 2); - - /* Check SCTP header length and move to first chunk */ - if (bytes_left < sizeof(struct sctphdr)) { - sm->sctp_hdr = NULL; - return(SN_PARSE_ERROR_IPSHL); /* packet not long enough*/ - } + struct sctphdr *sctp_hdr; + struct sctp_chunkhdr *chunk_hdr; + struct sctp_paramhdr *param_hdr; + struct in_addr ipv4addr; + int bytes_left; /* bytes left in ip packet */ + int chunk_length; + int chunk_count; + int partial_match = 0; + // mbuf *mp; + // int mlen; + + // mlen = SCTP_HEADER_LEN(i_pak); + // mp = SCTP_HEADER_TO_CHAIN(i_pak); /* does nothing in bsd since header and chain not separate */ + + /* + * Note, that if the VTag is zero, it must be an INIT + * Also, I am only interested in the content of INIT and ADDIP chunks + */ + + // no mbuf stuff from Paolo yet so ... + sm->ip_hdr = pip; + /* remove ip header length from the bytes_left */ + bytes_left = ntohs(pip->ip_len) - (pip->ip_hl << 2); + + /* Check SCTP header length and move to first chunk */ + if (bytes_left < sizeof(struct sctphdr)) { + sm->sctp_hdr = NULL; + return(SN_PARSE_ERROR_IPSHL); /* packet not long enough*/ + } - sm->sctp_hdr = sctp_hdr = (struct sctphdr *) ip_next(pip); - bytes_left -= sizeof(struct sctphdr); + sm->sctp_hdr = sctp_hdr = (struct sctphdr *) ip_next(pip); + bytes_left -= sizeof(struct sctphdr); - /* Check for valid ports (zero valued ports would find partially initialised associations */ - if (sctp_hdr->src_port == 0 || sctp_hdr->dest_port == 0) - return(SN_PARSE_ERROR_PORT); - - /* Check length of first chunk */ - if (bytes_left < SN_MIN_CHUNK_SIZE) /* malformed chunk - could cause endless loop*/ - return(SN_PARSE_ERROR_CHHL); /* packet not long enough for this chunk */ + /* Check for valid ports (zero valued ports would find partially initialised associations */ + if (sctp_hdr->src_port == 0 || sctp_hdr->dest_port == 0) + return(SN_PARSE_ERROR_PORT); + + /* Check length of first chunk */ + if (bytes_left < SN_MIN_CHUNK_SIZE) /* malformed chunk - could cause endless loop*/ + return(SN_PARSE_ERROR_CHHL); /* packet not long enough for this chunk */ - /* First chunk */ - chunk_hdr = SN_SCTP_FIRSTCHUNK(sctp_hdr); + /* First chunk */ + chunk_hdr = SN_SCTP_FIRSTCHUNK(sctp_hdr); - chunk_length = SCTP_SIZE32(ntohs(chunk_hdr->chunk_length)); - if ((chunk_length < SN_MIN_CHUNK_SIZE) || (chunk_length > bytes_left)) /* malformed chunk - could cause endless loop*/ - return(SN_PARSE_ERROR_CHHL); - - if ((chunk_hdr->chunk_flags & SCTP_HAD_NO_TCB) && - ((chunk_hdr->chunk_type == SCTP_ABORT_ASSOCIATION) || - (chunk_hdr->chunk_type == SCTP_SHUTDOWN_COMPLETE))) { - /* T-Bit set */ - if (direction == SN_TO_LOCAL) - *passoc = FindSctpGlobalT(la, pip->ip_src, sctp_hdr->v_tag, sctp_hdr->dest_port, sctp_hdr->src_port); - else - *passoc = FindSctpLocalT(la, pip->ip_dst, sctp_hdr->v_tag, sctp_hdr->dest_port, sctp_hdr->src_port); - } else { - /* Proper v_tag settings */ - if (direction == SN_TO_LOCAL) - *passoc = FindSctpGlobal(la, pip->ip_src, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port, &partial_match); - else - *passoc = FindSctpLocal(la, pip->ip_src, pip->ip_dst, sctp_hdr->v_tag, sctp_hdr->src_port, sctp_hdr->dest_port); - } - - chunk_count = 1; - /* Real packet parsing occurs below */ - sm->msg = SN_SCTP_OTHER;/* Initialise to largest value*/ - sm->chunk_length = 0; /* only care about length for key chunks */ - while (IS_SCTP_CONTROL(chunk_hdr)) { - switch(chunk_hdr->chunk_type) { - case SCTP_INITIATION: - if (chunk_length < sizeof(struct sctp_init_chunk)) /* malformed chunk*/ - return(SN_PARSE_ERROR_CHHL); - sm->msg = SN_SCTP_INIT; - sm->sctpchnk.Init = (struct sctp_init *) ((char *) chunk_hdr + sizeof(struct sctp_chunkhdr)); - sm->chunk_length = chunk_length; - /* if no existing association, create a new one */ - if (*passoc == NULL) { - if (sctp_hdr->v_tag == 0){ //Init requires vtag=0 - *passoc = (struct sctp_nat_assoc *) sn_malloc(sizeof(struct sctp_nat_assoc)); - if (*passoc == NULL) {/* out of resources */ - return(SN_PARSE_ERROR_AS_MALLOC); - } - /* Initialise association - malloc initialises memory to zeros */ - (*passoc)->state = SN_ID; - LIST_INIT(&((*passoc)->Gaddr)); /* always initialise to avoid memory problems */ *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901051448.n05EmhMn099183>