diff options
| author | Patrick McHardy <kaber@trash.net> | 2008-01-15 02:45:48 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-01-28 18:02:33 -0500 |
| commit | 5447d4777c48218e90844fa6f6e544119075faad (patch) | |
| tree | 87c7406ac0397fa062bf36b0769a3a866856c427 | |
| parent | 2d6462869f8c2edca9dbb53ca3b661a52fc4c144 (diff) | |
[NETFILTER]: nf_conntrack_sctp: basic cleanups
Reindent switch cases properly, get rid of weird constructs like "!(x == y)",
put logical operations on the end of the line instead of the next line, get
rid of superfluous braces.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/netfilter/nf_conntrack_proto_sctp.c | 140 |
1 files changed, 72 insertions, 68 deletions
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c index 9a5ec53b442e..689cc505bf6e 100644 --- a/net/netfilter/nf_conntrack_proto_sctp.c +++ b/net/netfilter/nf_conntrack_proto_sctp.c | |||
| @@ -206,28 +206,26 @@ static int do_basic_checks(struct nf_conn *conntrack, | |||
| 206 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { | 206 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { |
| 207 | pr_debug("Chunk Num: %d Type: %d\n", count, sch->type); | 207 | pr_debug("Chunk Num: %d Type: %d\n", count, sch->type); |
| 208 | 208 | ||
| 209 | if (sch->type == SCTP_CID_INIT | 209 | if (sch->type == SCTP_CID_INIT || |
| 210 | || sch->type == SCTP_CID_INIT_ACK | 210 | sch->type == SCTP_CID_INIT_ACK || |
| 211 | || sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { | 211 | sch->type == SCTP_CID_SHUTDOWN_COMPLETE) |
| 212 | flag = 1; | 212 | flag = 1; |
| 213 | } | ||
| 214 | 213 | ||
| 215 | /* | 214 | /* |
| 216 | * Cookie Ack/Echo chunks not the first OR | 215 | * Cookie Ack/Echo chunks not the first OR |
| 217 | * Init / Init Ack / Shutdown compl chunks not the only chunks | 216 | * Init / Init Ack / Shutdown compl chunks not the only chunks |
| 218 | * OR zero-length. | 217 | * OR zero-length. |
| 219 | */ | 218 | */ |
| 220 | if (((sch->type == SCTP_CID_COOKIE_ACK | 219 | if (((sch->type == SCTP_CID_COOKIE_ACK || |
| 221 | || sch->type == SCTP_CID_COOKIE_ECHO | 220 | sch->type == SCTP_CID_COOKIE_ECHO || |
| 222 | || flag) | 221 | flag) && |
| 223 | && count !=0) || !sch->length) { | 222 | count != 0) || !sch->length) { |
| 224 | pr_debug("Basic checks failed\n"); | 223 | pr_debug("Basic checks failed\n"); |
| 225 | return 1; | 224 | return 1; |
| 226 | } | 225 | } |
| 227 | 226 | ||
| 228 | if (map) { | 227 | if (map) |
| 229 | set_bit(sch->type, (void *)map); | 228 | set_bit(sch->type, (void *)map); |
| 230 | } | ||
| 231 | } | 229 | } |
| 232 | 230 | ||
| 233 | pr_debug("Basic checks passed\n"); | 231 | pr_debug("Basic checks passed\n"); |
| @@ -243,39 +241,48 @@ static int new_state(enum ip_conntrack_dir dir, | |||
| 243 | pr_debug("Chunk type: %d\n", chunk_type); | 241 | pr_debug("Chunk type: %d\n", chunk_type); |
| 244 | 242 | ||
| 245 | switch (chunk_type) { | 243 | switch (chunk_type) { |
| 246 | case SCTP_CID_INIT: | 244 | case SCTP_CID_INIT: |
| 247 | pr_debug("SCTP_CID_INIT\n"); | 245 | pr_debug("SCTP_CID_INIT\n"); |
| 248 | i = 0; break; | 246 | i = 0; |
| 249 | case SCTP_CID_INIT_ACK: | 247 | break; |
| 250 | pr_debug("SCTP_CID_INIT_ACK\n"); | 248 | case SCTP_CID_INIT_ACK: |
| 251 | i = 1; break; | 249 | pr_debug("SCTP_CID_INIT_ACK\n"); |
| 252 | case SCTP_CID_ABORT: | 250 | i = 1; |
| 253 | pr_debug("SCTP_CID_ABORT\n"); | 251 | break; |
| 254 | i = 2; break; | 252 | case SCTP_CID_ABORT: |
| 255 | case SCTP_CID_SHUTDOWN: | 253 | pr_debug("SCTP_CID_ABORT\n"); |
| 256 | pr_debug("SCTP_CID_SHUTDOWN\n"); | 254 | i = 2; |
| 257 | i = 3; break; | 255 | break; |
| 258 | case SCTP_CID_SHUTDOWN_ACK: | 256 | case SCTP_CID_SHUTDOWN: |
| 259 | pr_debug("SCTP_CID_SHUTDOWN_ACK\n"); | 257 | pr_debug("SCTP_CID_SHUTDOWN\n"); |
| 260 | i = 4; break; | 258 | i = 3; |
| 261 | case SCTP_CID_ERROR: | 259 | break; |
| 262 | pr_debug("SCTP_CID_ERROR\n"); | 260 | case SCTP_CID_SHUTDOWN_ACK: |
| 263 | i = 5; break; | 261 | pr_debug("SCTP_CID_SHUTDOWN_ACK\n"); |
| 264 | case SCTP_CID_COOKIE_ECHO: | 262 | i = 4; |
| 265 | pr_debug("SCTP_CID_COOKIE_ECHO\n"); | 263 | break; |
| 266 | i = 6; break; | 264 | case SCTP_CID_ERROR: |
| 267 | case SCTP_CID_COOKIE_ACK: | 265 | pr_debug("SCTP_CID_ERROR\n"); |
| 268 | pr_debug("SCTP_CID_COOKIE_ACK\n"); | 266 | i = 5; |
| 269 | i = 7; break; | 267 | break; |
| 270 | case SCTP_CID_SHUTDOWN_COMPLETE: | 268 | case SCTP_CID_COOKIE_ECHO: |
| 271 | pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n"); | 269 | pr_debug("SCTP_CID_COOKIE_ECHO\n"); |
| 272 | i = 8; break; | 270 | i = 6; |
| 273 | default: | 271 | break; |
| 274 | /* Other chunks like DATA, SACK, HEARTBEAT and | 272 | case SCTP_CID_COOKIE_ACK: |
| 275 | its ACK do not cause a change in state */ | 273 | pr_debug("SCTP_CID_COOKIE_ACK\n"); |
| 276 | pr_debug("Unknown chunk type, Will stay in %s\n", | 274 | i = 7; |
| 277 | sctp_conntrack_names[cur_state]); | 275 | break; |
| 278 | return cur_state; | 276 | case SCTP_CID_SHUTDOWN_COMPLETE: |
| 277 | pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n"); | ||
| 278 | i = 8; | ||
| 279 | break; | ||
| 280 | default: | ||
| 281 | /* Other chunks like DATA, SACK, HEARTBEAT and | ||
| 282 | its ACK do not cause a change in state */ | ||
| 283 | pr_debug("Unknown chunk type, Will stay in %s\n", | ||
| 284 | sctp_conntrack_names[cur_state]); | ||
| 285 | return cur_state; | ||
| 279 | } | 286 | } |
| 280 | 287 | ||
| 281 | pr_debug("dir: %d cur_state: %s chunk_type: %d new_state: %s\n", | 288 | pr_debug("dir: %d cur_state: %s chunk_type: %d new_state: %s\n", |
| @@ -307,12 +314,12 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
| 307 | return -1; | 314 | return -1; |
| 308 | 315 | ||
| 309 | /* Check the verification tag (Sec 8.5) */ | 316 | /* Check the verification tag (Sec 8.5) */ |
| 310 | if (!test_bit(SCTP_CID_INIT, (void *)map) | 317 | if (!test_bit(SCTP_CID_INIT, (void *)map) && |
| 311 | && !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) | 318 | !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) && |
| 312 | && !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) | 319 | !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) && |
| 313 | && !test_bit(SCTP_CID_ABORT, (void *)map) | 320 | !test_bit(SCTP_CID_ABORT, (void *)map) && |
| 314 | && !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) | 321 | !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) && |
| 315 | && (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { | 322 | sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) { |
| 316 | pr_debug("Verification tag check failed\n"); | 323 | pr_debug("Verification tag check failed\n"); |
| 317 | return -1; | 324 | return -1; |
| 318 | } | 325 | } |
| @@ -330,24 +337,22 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
| 330 | } | 337 | } |
| 331 | } else if (sch->type == SCTP_CID_ABORT) { | 338 | } else if (sch->type == SCTP_CID_ABORT) { |
| 332 | /* Sec 8.5.1 (B) */ | 339 | /* Sec 8.5.1 (B) */ |
| 333 | if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) | 340 | if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] && |
| 334 | && !(sh->vtag == conntrack->proto.sctp.vtag | 341 | sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)]) { |
| 335 | [1 - CTINFO2DIR(ctinfo)])) { | ||
| 336 | write_unlock_bh(&sctp_lock); | 342 | write_unlock_bh(&sctp_lock); |
| 337 | return -1; | 343 | return -1; |
| 338 | } | 344 | } |
| 339 | } else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { | 345 | } else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { |
| 340 | /* Sec 8.5.1 (C) */ | 346 | /* Sec 8.5.1 (C) */ |
| 341 | if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) | 347 | if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] && |
| 342 | && !(sh->vtag == conntrack->proto.sctp.vtag | 348 | sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)] && |
| 343 | [1 - CTINFO2DIR(ctinfo)] | 349 | (sch->flags & 1)) { |
| 344 | && (sch->flags & 1))) { | ||
| 345 | write_unlock_bh(&sctp_lock); | 350 | write_unlock_bh(&sctp_lock); |
| 346 | return -1; | 351 | return -1; |
| 347 | } | 352 | } |
| 348 | } else if (sch->type == SCTP_CID_COOKIE_ECHO) { | 353 | } else if (sch->type == SCTP_CID_COOKIE_ECHO) { |
| 349 | /* Sec 8.5.1 (D) */ | 354 | /* Sec 8.5.1 (D) */ |
| 350 | if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { | 355 | if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) { |
| 351 | write_unlock_bh(&sctp_lock); | 356 | write_unlock_bh(&sctp_lock); |
| 352 | return -1; | 357 | return -1; |
| 353 | } | 358 | } |
| @@ -366,15 +371,15 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
| 366 | } | 371 | } |
| 367 | 372 | ||
| 368 | /* If it is an INIT or an INIT ACK note down the vtag */ | 373 | /* If it is an INIT or an INIT ACK note down the vtag */ |
| 369 | if (sch->type == SCTP_CID_INIT | 374 | if (sch->type == SCTP_CID_INIT || |
| 370 | || sch->type == SCTP_CID_INIT_ACK) { | 375 | sch->type == SCTP_CID_INIT_ACK) { |
| 371 | sctp_inithdr_t _inithdr, *ih; | 376 | sctp_inithdr_t _inithdr, *ih; |
| 372 | 377 | ||
| 373 | ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), | 378 | ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), |
| 374 | sizeof(_inithdr), &_inithdr); | 379 | sizeof(_inithdr), &_inithdr); |
| 375 | if (ih == NULL) { | 380 | if (ih == NULL) { |
| 376 | write_unlock_bh(&sctp_lock); | 381 | write_unlock_bh(&sctp_lock); |
| 377 | return -1; | 382 | return -1; |
| 378 | } | 383 | } |
| 379 | pr_debug("Setting vtag %x for dir %d\n", | 384 | pr_debug("Setting vtag %x for dir %d\n", |
| 380 | ih->init_tag, !CTINFO2DIR(ctinfo)); | 385 | ih->init_tag, !CTINFO2DIR(ctinfo)); |
| @@ -389,9 +394,9 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
| 389 | 394 | ||
| 390 | nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]); | 395 | nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]); |
| 391 | 396 | ||
| 392 | if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED | 397 | if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED && |
| 393 | && CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY | 398 | CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY && |
| 394 | && newconntrack == SCTP_CONNTRACK_ESTABLISHED) { | 399 | newconntrack == SCTP_CONNTRACK_ESTABLISHED) { |
| 395 | pr_debug("Setting assured bit\n"); | 400 | pr_debug("Setting assured bit\n"); |
| 396 | set_bit(IPS_ASSURED_BIT, &conntrack->status); | 401 | set_bit(IPS_ASSURED_BIT, &conntrack->status); |
| 397 | nf_conntrack_event_cache(IPCT_STATUS, skb); | 402 | nf_conntrack_event_cache(IPCT_STATUS, skb); |
| @@ -418,11 +423,10 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb, | |||
| 418 | return 0; | 423 | return 0; |
| 419 | 424 | ||
| 420 | /* If an OOTB packet has any of these chunks discard (Sec 8.4) */ | 425 | /* If an OOTB packet has any of these chunks discard (Sec 8.4) */ |
| 421 | if ((test_bit (SCTP_CID_ABORT, (void *)map)) | 426 | if (test_bit (SCTP_CID_ABORT, (void *)map) || |
| 422 | || (test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map)) | 427 | test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) || |
| 423 | || (test_bit (SCTP_CID_COOKIE_ACK, (void *)map))) { | 428 | test_bit (SCTP_CID_COOKIE_ACK, (void *)map)) |
| 424 | return 0; | 429 | return 0; |
| 425 | } | ||
| 426 | 430 | ||
| 427 | newconntrack = SCTP_CONNTRACK_MAX; | 431 | newconntrack = SCTP_CONNTRACK_MAX; |
| 428 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { | 432 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { |