Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/netipsec Return early, reduce identation (NFCI)



details:   https://anonhg.NetBSD.org/src/rev/936161d8ce6a
branches:  trunk
changeset: 823330:936161d8ce6a
user:      ozaki-r <ozaki-r%NetBSD.org@localhost>
date:      Wed Apr 19 09:22:17 2017 +0000

description:
Return early, reduce identation (NFCI)

diffstat:

 sys/netipsec/key.c |  344 ++++++++++++++++++++++++++--------------------------
 1 files changed, 174 insertions(+), 170 deletions(-)

diffs (truncated from 374 to 300 lines):

diff -r acda04700ced -r 936161d8ce6a sys/netipsec/key.c
--- a/sys/netipsec/key.c        Wed Apr 19 08:30:00 2017 +0000
+++ b/sys/netipsec/key.c        Wed Apr 19 09:22:17 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: key.c,v 1.112 2017/04/19 07:19:46 ozaki-r Exp $        */
+/*     $NetBSD: key.c,v 1.113 2017/04/19 09:22:17 ozaki-r Exp $        */
 /*     $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $        */
 /*     $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $   */
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.112 2017/04/19 07:19:46 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.113 2017/04/19 09:22:17 ozaki-r Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -1465,176 +1465,11 @@
        case IPSEC_POLICY_ENTRUST:
        case IPSEC_POLICY_BYPASS:
                newsp->req = NULL;
-               break;
+               *error = 0;
+               return newsp;
 
        case IPSEC_POLICY_IPSEC:
-           {
-               int tlen;
-               const struct sadb_x_ipsecrequest *xisr;
-               uint16_t xisr_reqid;
-               struct ipsecrequest **p_isr = &newsp->req;
-
-               /* validity check */
-               if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
-                       ipseclog((LOG_DEBUG,
-                           "key_msg2sp: Invalid msg length.\n"));
-                       KEY_FREESP(&newsp);
-                       *error = EINVAL;
-                       return NULL;
-               }
-
-               tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
-               xisr = (const struct sadb_x_ipsecrequest *)(xpl0 + 1);
-
-               while (tlen > 0) {
-                       /* length check */
-                       if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr)) {
-                               ipseclog((LOG_DEBUG, "key_msg2sp: "
-                                       "invalid ipsecrequest length.\n"));
-                               KEY_FREESP(&newsp);
-                               *error = EINVAL;
-                               return NULL;
-                       }
-
-                       /* allocate request buffer */
-                       KMALLOC(*p_isr, struct ipsecrequest *, sizeof(**p_isr));
-                       if ((*p_isr) == NULL) {
-                               ipseclog((LOG_DEBUG,
-                                   "key_msg2sp: No more memory.\n"));
-                               KEY_FREESP(&newsp);
-                               *error = ENOBUFS;
-                               return NULL;
-                       }
-                       memset(*p_isr, 0, sizeof(**p_isr));
-
-                       /* set values */
-                       (*p_isr)->next = NULL;
-
-                       switch (xisr->sadb_x_ipsecrequest_proto) {
-                       case IPPROTO_ESP:
-                       case IPPROTO_AH:
-                       case IPPROTO_IPCOMP:
-                               break;
-                       default:
-                               ipseclog((LOG_DEBUG,
-                                   "key_msg2sp: invalid proto type=%u\n",
-                                   xisr->sadb_x_ipsecrequest_proto));
-                               KEY_FREESP(&newsp);
-                               *error = EPROTONOSUPPORT;
-                               return NULL;
-                       }
-                       (*p_isr)->saidx.proto = xisr->sadb_x_ipsecrequest_proto;
-
-                       switch (xisr->sadb_x_ipsecrequest_mode) {
-                       case IPSEC_MODE_TRANSPORT:
-                       case IPSEC_MODE_TUNNEL:
-                               break;
-                       case IPSEC_MODE_ANY:
-                       default:
-                               ipseclog((LOG_DEBUG,
-                                   "key_msg2sp: invalid mode=%u\n",
-                                   xisr->sadb_x_ipsecrequest_mode));
-                               KEY_FREESP(&newsp);
-                               *error = EINVAL;
-                               return NULL;
-                       }
-                       (*p_isr)->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
-
-                       switch (xisr->sadb_x_ipsecrequest_level) {
-                       case IPSEC_LEVEL_DEFAULT:
-                       case IPSEC_LEVEL_USE:
-                       case IPSEC_LEVEL_REQUIRE:
-                               break;
-                       case IPSEC_LEVEL_UNIQUE:
-                               xisr_reqid = xisr->sadb_x_ipsecrequest_reqid;
-                               /* validity check */
-                               /*
-                                * If range violation of reqid, kernel will
-                                * update it, don't refuse it.
-                                */
-                               if (xisr_reqid > IPSEC_MANUAL_REQID_MAX) {
-                                       ipseclog((LOG_DEBUG,
-                                           "key_msg2sp: reqid=%d range "
-                                           "violation, updated by kernel.\n",
-                                           xisr_reqid));
-                                       xisr_reqid = 0;
-                               }
-
-                               /* allocate new reqid id if reqid is zero. */
-                               if (xisr_reqid == 0) {
-                                       u_int16_t reqid;
-                                       if ((reqid = key_newreqid()) == 0) {
-                                               KEY_FREESP(&newsp);
-                                               *error = ENOBUFS;
-                                               return NULL;
-                                       }
-                                       (*p_isr)->saidx.reqid = reqid;
-                               } else {
-                               /* set it for manual keying. */
-                                       (*p_isr)->saidx.reqid = xisr_reqid;
-                               }
-                               break;
-
-                       default:
-                               ipseclog((LOG_DEBUG, "key_msg2sp: invalid level=%u\n",
-                                       xisr->sadb_x_ipsecrequest_level));
-                               KEY_FREESP(&newsp);
-                               *error = EINVAL;
-                               return NULL;
-                       }
-                       (*p_isr)->level = xisr->sadb_x_ipsecrequest_level;
-
-                       /* set IP addresses if there */
-                       if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
-                               const struct sockaddr *paddr;
-
-                               paddr = (const struct sockaddr *)(xisr + 1);
-
-                               /* validity check */
-                               if (paddr->sa_len
-                                   > sizeof((*p_isr)->saidx.src)) {
-                                       ipseclog((LOG_DEBUG, "key_msg2sp: invalid request "
-                                               "address length.\n"));
-                                       KEY_FREESP(&newsp);
-                                       *error = EINVAL;
-                                       return NULL;
-                               }
-                               memcpy(&(*p_isr)->saidx.src, paddr, paddr->sa_len);
-
-                               paddr = (const struct sockaddr *)((const char *)paddr
-                                                       + paddr->sa_len);
-
-                               /* validity check */
-                               if (paddr->sa_len
-                                   > sizeof((*p_isr)->saidx.dst)) {
-                                       ipseclog((LOG_DEBUG, "key_msg2sp: invalid request "
-                                               "address length.\n"));
-                                       KEY_FREESP(&newsp);
-                                       *error = EINVAL;
-                                       return NULL;
-                               }
-                               memcpy(&(*p_isr)->saidx.dst, paddr, paddr->sa_len);
-                       }
-
-                       (*p_isr)->sav = NULL;
-                       (*p_isr)->sp = newsp;
-
-                       /* initialization for the next. */
-                       p_isr = &(*p_isr)->next;
-                       tlen -= xisr->sadb_x_ipsecrequest_len;
-
-                       /* validity check */
-                       if (tlen < 0) {
-                               ipseclog((LOG_DEBUG, "key_msg2sp: becoming tlen < 0.\n"));
-                               KEY_FREESP(&newsp);
-                               *error = EINVAL;
-                               return NULL;
-                       }
-
-                       xisr = (const struct sadb_x_ipsecrequest *)((const char *)xisr
-                                        + xisr->sadb_x_ipsecrequest_len);
-               }
-           }
+               /* Continued */
                break;
        default:
                ipseclog((LOG_DEBUG, "key_msg2sp: invalid policy type.\n"));
@@ -1643,6 +1478,175 @@
                return NULL;
        }
 
+       /* IPSEC_POLICY_IPSEC */
+    {
+       int tlen;
+       const struct sadb_x_ipsecrequest *xisr;
+       uint16_t xisr_reqid;
+       struct ipsecrequest **p_isr = &newsp->req;
+
+       /* validity check */
+       if (PFKEY_EXTLEN(xpl0) < sizeof(*xpl0)) {
+               ipseclog((LOG_DEBUG,
+                   "key_msg2sp: Invalid msg length.\n"));
+               KEY_FREESP(&newsp);
+               *error = EINVAL;
+               return NULL;
+       }
+
+       tlen = PFKEY_EXTLEN(xpl0) - sizeof(*xpl0);
+       xisr = (const struct sadb_x_ipsecrequest *)(xpl0 + 1);
+
+       while (tlen > 0) {
+               /* length check */
+               if (xisr->sadb_x_ipsecrequest_len < sizeof(*xisr)) {
+                       ipseclog((LOG_DEBUG, "key_msg2sp: "
+                               "invalid ipsecrequest length.\n"));
+                       KEY_FREESP(&newsp);
+                       *error = EINVAL;
+                       return NULL;
+               }
+
+               /* allocate request buffer */
+               KMALLOC(*p_isr, struct ipsecrequest *, sizeof(**p_isr));
+               if ((*p_isr) == NULL) {
+                       ipseclog((LOG_DEBUG,
+                           "key_msg2sp: No more memory.\n"));
+                       KEY_FREESP(&newsp);
+                       *error = ENOBUFS;
+                       return NULL;
+               }
+               memset(*p_isr, 0, sizeof(**p_isr));
+
+               /* set values */
+               (*p_isr)->next = NULL;
+
+               switch (xisr->sadb_x_ipsecrequest_proto) {
+               case IPPROTO_ESP:
+               case IPPROTO_AH:
+               case IPPROTO_IPCOMP:
+                       break;
+               default:
+                       ipseclog((LOG_DEBUG,
+                           "key_msg2sp: invalid proto type=%u\n",
+                           xisr->sadb_x_ipsecrequest_proto));
+                       KEY_FREESP(&newsp);
+                       *error = EPROTONOSUPPORT;
+                       return NULL;
+               }
+               (*p_isr)->saidx.proto = xisr->sadb_x_ipsecrequest_proto;
+
+               switch (xisr->sadb_x_ipsecrequest_mode) {
+               case IPSEC_MODE_TRANSPORT:
+               case IPSEC_MODE_TUNNEL:
+                       break;
+               case IPSEC_MODE_ANY:
+               default:
+                       ipseclog((LOG_DEBUG,
+                           "key_msg2sp: invalid mode=%u\n",
+                           xisr->sadb_x_ipsecrequest_mode));
+                       KEY_FREESP(&newsp);
+                       *error = EINVAL;
+                       return NULL;
+               }
+               (*p_isr)->saidx.mode = xisr->sadb_x_ipsecrequest_mode;
+
+               switch (xisr->sadb_x_ipsecrequest_level) {
+               case IPSEC_LEVEL_DEFAULT:
+               case IPSEC_LEVEL_USE:
+               case IPSEC_LEVEL_REQUIRE:
+                       break;
+               case IPSEC_LEVEL_UNIQUE:
+                       xisr_reqid = xisr->sadb_x_ipsecrequest_reqid;
+                       /* validity check */
+                       /*
+                        * If range violation of reqid, kernel will
+                        * update it, don't refuse it.
+                        */
+                       if (xisr_reqid > IPSEC_MANUAL_REQID_MAX) {
+                               ipseclog((LOG_DEBUG,
+                                   "key_msg2sp: reqid=%d range "
+                                   "violation, updated by kernel.\n",
+                                   xisr_reqid));
+                               xisr_reqid = 0;
+                       }
+
+                       /* allocate new reqid id if reqid is zero. */
+                       if (xisr_reqid == 0) {
+                               u_int16_t reqid;
+                               if ((reqid = key_newreqid()) == 0) {
+                                       KEY_FREESP(&newsp);



Home | Main Index | Thread Index | Old Index