From nobody Tue Dec 21 23:35:29 2021
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id EB80F190109E;
	Tue, 21 Dec 2021 23:35:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4JJXrL3zzNz3pLr;
	Tue, 21 Dec 2021 23:35:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 23B0A1322F;
	Tue, 21 Dec 2021 23:35:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BLNZTvP049731;
	Tue, 21 Dec 2021 23:35:29 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BLNZT31049730;
	Tue, 21 Dec 2021 23:35:29 GMT
	(envelope-from git)
Date: Tue, 21 Dec 2021 23:35:29 GMT
Message-Id: <202112212335.1BLNZT31049730@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: ee680288bc87 - stable/13 - ipfilter: MSN RPC proxy is not complete
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: ee680288bc879fad0ef261430dc8518b0a9eccba
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1640129731;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oGT28uLWLX0MQv/OnWOa8RiwIppvL5QZHpBTMq+hFRw=;
	b=OdsVAeGKNMrFMX7xbGylp/9m6p8vh/Ld+p49Q+GJAP3VPvowrGTAI6bCSwNQAJbjUNG9tA
	KyN+w49I7ul4CIgjNSO7lFo3mZAu8LFN2Y2KF+nI/TTW7jrjVYwo3EwuDxrcD/J/PEuDe4
	es8Ok7KDVvkeqx/L8EQGCJKOAjeYC6+jtIdjJ2u2TVfGA5lve3OedLrCGeExQR9M9wMQd1
	E1uLU4QPgTyH2fMRdeUN1GYu8wvqOaa/qtJGGz5SJdj7AK93Z8bMWRTE1r2Tii5wsd42ae
	kIibikKWmL23H5JVmIILbbNVodj4SiHx9E4dNtKTjm0Q6y5CyGI1h88qlxBInA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1640129731; a=rsa-sha256; cv=none;
	b=uos3d6VlQgN7YOjpJleeMKrAVuTpMBnVFutzubRDik/1xXaX2T+/63wkBPrszB0iLcu0qW
	w7adZIA6+BNwXswq1UF2O2h5zTM9LZHaWef0nQgjU4IrNxnPs+VtfIV/IZgvEv9WDKmE58
	RmZ3fagMxj2ysS5WUmXh9NIFSgHrmE2xN5s41mrKgWha26veH/U3qY9cgdlSp+U5JP3vjq
	pVKQlQ8mcZ/EvJ3ytipC9W2vLervuLbmiZYp/gcHhzTWifJW1lRtIx9Bnqm7CdAXJuY/1d
	cfV7XnT+Cf/ohB+h+EoxsLPCdJEc3YfPOfmiPQwKMo2tJhRKYMcidxCbI+anbA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch stable/13 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=ee680288bc879fad0ef261430dc8518b0a9eccba

commit ee680288bc879fad0ef261430dc8518b0a9eccba
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2021-12-16 00:08:11 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2021-12-21 23:34:41 +0000

    ipfilter: MSN RPC proxy is not complete
    
    The MSN RPC proxy is incomplete and does not do any address
    translation. Remove it.
    
    (cherry picked from commit c610426c4deeaa80ad86d8177e7c0b7680104dc7)
---
 contrib/ipfilter/ip_msnrpc_pxy.c | 328 ---------------------------------------
 1 file changed, 328 deletions(-)

diff --git a/contrib/ipfilter/ip_msnrpc_pxy.c b/contrib/ipfilter/ip_msnrpc_pxy.c
deleted file mode 100644
index 9cddd398edde..000000000000
--- a/contrib/ipfilter/ip_msnrpc_pxy.c
+++ /dev/null
@@ -1,328 +0,0 @@
-/*	$FreeBSD$	*/
-
-/*
- * Copyright (C) 2000-2003 by Darren Reed
- *
- * See the IPFILTER.LICENCE file for details on licencing.
- *
- * Simple DCE transparent proxy for MSN RPC.
- *
- * ******* NOTE: THIS PROXY DOES NOT DO ADDRESS TRANSLATION ********
- *
- * Id: ip_msnrpc_pxy.c,v 2.17.2.1 2005/02/04 10:22:55 darrenr Exp
- */
-
-#define	IPF_MSNRPC_PROXY
-
-#define	IPF_MINMSNRPCLEN	24
-#define	IPF_MSNRPCSKIP		(2 + 19 + 2 + 2 + 2 + 19 + 2 + 2)
-
-
-typedef	struct	msnrpchdr	{
-	u_char	mrh_major;	/* major # == 5 */
-	u_char	mrh_minor;	/* minor # == 0 */
-	u_char	mrh_type;
-	u_char	mrh_flags;
-	u_32_t	mrh_endian;
-	u_short	mrh_dlen;	/* data size */
-	u_short	mrh_alen;	/* authentication length */
-	u_32_t	mrh_cid;	/* call identifier */
-	u_32_t	mrh_hint;	/* allocation hint */
-	u_short	mrh_ctxt;	/* presentation context hint */
-	u_char	mrh_ccnt;	/* cancel count */
-	u_char	mrh_ans;
-} msnrpchdr_t;
-
-int ippr_msnrpc_init(void);
-void ippr_msnrpc_fini(void);
-int ippr_msnrpc_new(fr_info_t *, ap_session_t *, nat_t *);
-int ippr_msnrpc_out(fr_info_t *, ap_session_t *, nat_t *);
-int ippr_msnrpc_in(fr_info_t *, ap_session_t *, nat_t *);
-int ippr_msnrpc_check(ip_t *, msnrpchdr_t *);
-
-static	frentry_t	msnfr;
-
-int	msn_proxy_init = 0;
-
-/*
- * Initialize local structures.
- */
-int ippr_msnrpc_init()
-{
-	bzero((char *)&msnfr, sizeof(msnfr));
-	msnfr.fr_ref = 1;
-	msnfr.fr_flags = FR_INQUE|FR_PASS|FR_QUICK|FR_KEEPSTATE;
-	MUTEX_INIT(&msnfr.fr_lock, "MSN RPC proxy rule lock");
-	msn_proxy_init = 1;
-
-	return 0;
-}
-
-
-void ippr_msnrpc_fini()
-{
-	if (msn_proxy_init == 1) {
-		MUTEX_DESTROY(&msnfr.fr_lock);
-		msn_proxy_init = 0;
-	}
-}
-
-
-int ippr_msnrpc_new(fin, aps, nat)
-fr_info_t *fin;
-ap_session_t *aps;
-nat_t *nat;
-{
-	msnrpcinfo_t *mri;
-
-	KMALLOC(mri, msnrpcinfo_t *);
-	if (mri == NULL)
-		return -1;
-	aps->aps_data = mri;
-	aps->aps_psiz = sizeof(msnrpcinfo_t);
-
-	bzero((char *)mri, sizeof(*mri));
-	mri->mri_cmd[0] = 0xff;
-	mri->mri_cmd[1] = 0xff;
-	return 0;
-}
-
-
-int ippr_msnrpc_check(ip, mrh)
-ip_t *ip;
-msnrpchdr_t *mrh;
-{
-	if (mrh->mrh_major != 5)
-		return -1;
-	if (mrh->mrh_minor != 0)
-		return -1;
-	if (mrh->mrh_alen != 0)
-		return -1;
-	if (mrh->mrh_endian == 0x10) {
-		/* Both gateway and packet match endian */
-		if (mrh->mrh_dlen > ip->ip_len)
-			return -1;
-		if (mrh->mrh_type == 0 || mrh->mrh_type == 2)
-			if (mrh->mrh_hint > ip->ip_len)
-				return -1;
-	} else if (mrh->mrh_endian == 0x10000000) {
-		/* XXX - Endian mismatch - should be swapping! */
-		return -1;
-	} else {
-		return -1;
-	}
-	return 0;
-}
-
-
-int ippr_msnrpc_out(fin, ip, aps, nat)
-fr_info_t *fin;
-ip_t *ip;
-ap_session_t *aps;
-nat_t *nat;
-{
-	msnrpcinfo_t *mri;
-	msnrpchdr_t *mrh;
-	tcphdr_t *tcp;
-	int dlen;
-
-	mri = aps->aps_data;
-	if (mri == NULL)
-		return 0;
-
-	tcp = (tcphdr_t *)fin->fin_dp;
-	dlen = fin->fin_dlen - (TCP_OFF(tcp) << 2);
-	if (dlen < IPF_MINMSNRPCLEN)
-		return 0;
-
-	mrh = (msnrpchdr_t *)((char *)tcp + (TCP_OFF(tcp) << 2));
-	if (ippr_msnrpc_check(ip, mrh))
-		return 0;
-
-	mri->mri_valid++;
-
-	switch (mrh->mrh_type)
-	{
-	case 0x0b :	/* BIND */
-	case 0x00 :	/* REQUEST */
-		break;
-	case 0x0c :	/* BIND ACK */
-	case 0x02 :	/* RESPONSE */
-	default:
-		return 0;
-	}
-	mri->mri_cmd[1] = mrh->mrh_type;
-	return 0;
-}
-
-
-int ippr_msnrpc_in(fin, ip, aps, nat)
-fr_info_t *fin;
-ip_t *ip;
-ap_session_t *aps;
-nat_t *nat;
-{
-	tcphdr_t *tcp, tcph, *tcp2 = &tcph;
-	int dlen, sz, sz2, i;
-	msnrpcinfo_t *mri;
-	msnrpchdr_t *mrh;
-	fr_info_t fi;
-	u_short len;
-	char *s;
-
-	mri = aps->aps_data;
-	if (mri == NULL)
-		return 0;
-	tcp = (tcphdr_t *)fin->fin_dp;
-	dlen = fin->fin_dlen - (TCP_OFF(tcp) << 2);
-	if (dlen < IPF_MINMSNRPCLEN)
-		return 0;
-
-	mrh = (msnrpchdr_t *)((char *)tcp + (TCP_OFF(tcp) << 2));
-	if (ippr_msnrpc_check(ip, mrh))
-		return 0;
-
-	mri->mri_valid++;
-
-	switch (mrh->mrh_type)
-	{
-	case 0x0c :	/* BIND ACK */
-		if (mri->mri_cmd[1] != 0x0b)
-			return 0;
-		break;
-	case 0x02 :	/* RESPONSE */
-		if (mri->mri_cmd[1] != 0x00)
-			return 0;
-		break;
-	case 0x0b :	/* BIND */
-	case 0x00 :	/* REQUEST */
-	default:
-		return 0;
-	}
-	mri->mri_cmd[0] = mrh->mrh_type;
-	dlen -= sizeof(*mrh);
-
-	/*
-	 * Only processes RESPONSE's
-	 */
-	if (mrh->mrh_type != 0x02)
-		return 0;
-
-	/*
-	 * Skip over some bytes...what are these really ?
-	 */
-	if (dlen <= 44)
-		return 0;
-	s = (char *)(mrh + 1) + 20;
-	dlen -= 20;
-	bcopy(s, (char *)&len, sizeof(len));
-	if (len == 1) {
-		s += 20;
-		dlen -= 20;
-	} else if (len == 2) {
-		s += 24;
-		dlen -= 24;
-	} else
-		return 0;
-
-	if (dlen <= 10)
-		return 0;
-	dlen -= 10;
-	bcopy(s, (char *)&sz, sizeof(sz));
-	s += sizeof(sz);
-	bcopy(s, (char *)&sz2, sizeof(sz2));
-	s += sizeof(sz2);
-	if (sz2 != sz)
-		return 0;
-	if (sz > dlen)
-		return 0;
-	if (*s++ != 5)
-		return 0;
-	if (*s++ != 0)
-		return 0;
-	sz -= IPF_MSNRPCSKIP;
-	s += IPF_MSNRPCSKIP;
-	dlen -= IPF_MSNRPCSKIP;
-
-	do {
-		if (sz < 7 || dlen < 7)
-			break;
-		bcopy(s, (char *)&len, sizeof(len));
-		if (dlen < len)
-			break;
-		if (sz < len)
-			break;
-
-		if (len != 1)
-			break;
-		sz -= 3;
-		i = *(s + 2);
-		s += 3;
-		dlen -= 3;
-
-		bcopy(s, (char *)&len, sizeof(len));
-		if (dlen < len)
-			break;
-		if (sz < len)
-			break;
-		s += sizeof(len);
-
-		switch (i)
-		{
-		case 7 :
-			if (len == 2) {
-				bcopy(s, (char *)&mri->mri_rport, 2);
-				mri->mri_flags |= 1;
-			}
-			break;
-		case 9 :
-			if (len == 4) {
-				bcopy(s, (char *)&mri->mri_raddr, 4);
-				mri->mri_flags |= 2;
-			}
-			break;
-		default :
-			break;
-		}
-		sz -= len;
-		s += len;
-		dlen -= len;
-	} while (sz > 0);
-
-	if (mri->mri_flags == 3) {
-		int slen;
-
-		bcopy((char *)fin, (char *)&fi, sizeof(fi));
-		bzero((char *)tcp2, sizeof(*tcp2));
-
-		slen = ip->ip_len;
-		ip->ip_len = fin->fin_hlen + sizeof(*tcp2);
-		bcopy((char *)fin, (char *)&fi, sizeof(fi));
-		bzero((char *)tcp2, sizeof(*tcp2));
-		tcp2->th_win = htons(8192);
-		TCP_OFF_A(tcp2, 5);
-		fi.fin_data[0] = htons(mri->mri_rport);
-		tcp2->th_sport = mri->mri_rport;
-		fi.fin_data[1] = 0;
-		tcp2->th_dport = 0;
-		fi.fin_state = NULL;
-		fi.fin_nat = NULL;
-		fi.fin_dlen = sizeof(*tcp2);
-		fi.fin_plen = fi.fin_hlen + sizeof(*tcp2);
-		fi.fin_dp = (char *)tcp2;
-		fi.fin_fi.fi_daddr = ip->ip_dst.s_addr;
-		fi.fin_fi.fi_saddr = mri->mri_raddr.s_addr;
-		if (!fi.fin_fr)
-			fi.fin_fr = &msnfr;
-		if (fr_stlookup(&fi, NULL, NULL)) {
-			RWLOCK_EXIT(&ipf_state);
-		} else {
-			(void) fr_addstate(&fi, NULL, SI_W_DPORT|SI_CLONE);
-			if (fi.fin_state != NULL)
-				fr_statederef(&fi, (ipstate_t **)&fi.fin_state);
-		}
-		ip->ip_len = slen;
-	}
-	mri->mri_flags = 0;
-	return 0;
-}