diff options
author | Patrick McHardy <kaber@trash.net> | 2008-01-15 02:45:48 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-01-28 18:02:33 -0500 |
commit | 5447d4777c48218e90844fa6f6e544119075faad (patch) | |
tree | 87c7406ac0397fa062bf36b0769a3a866856c427 /net | |
parent | 2d6462869f8c2edca9dbb53ca3b661a52fc4c144 (diff) |
[NETFILTER]: nf_conntrack_sctp: basic cleanups
Reindent switch cases properly, get rid of weird constructs like "!(x == y)",
put logical operations on the end of the line instead of the next line, get
rid of superfluous braces.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_conntrack_proto_sctp.c | 140 |
1 files changed, 72 insertions, 68 deletions
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c index 9a5ec53b442e..689cc505bf6e 100644 --- a/net/netfilter/nf_conntrack_proto_sctp.c +++ b/net/netfilter/nf_conntrack_proto_sctp.c | |||
@@ -206,28 +206,26 @@ static int do_basic_checks(struct nf_conn *conntrack, | |||
206 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { | 206 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { |
207 | pr_debug("Chunk Num: %d Type: %d\n", count, sch->type); | 207 | pr_debug("Chunk Num: %d Type: %d\n", count, sch->type); |
208 | 208 | ||
209 | if (sch->type == SCTP_CID_INIT | 209 | if (sch->type == SCTP_CID_INIT || |
210 | || sch->type == SCTP_CID_INIT_ACK | 210 | sch->type == SCTP_CID_INIT_ACK || |
211 | || sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { | 211 | sch->type == SCTP_CID_SHUTDOWN_COMPLETE) |
212 | flag = 1; | 212 | flag = 1; |
213 | } | ||
214 | 213 | ||
215 | /* | 214 | /* |
216 | * Cookie Ack/Echo chunks not the first OR | 215 | * Cookie Ack/Echo chunks not the first OR |
217 | * Init / Init Ack / Shutdown compl chunks not the only chunks | 216 | * Init / Init Ack / Shutdown compl chunks not the only chunks |
218 | * OR zero-length. | 217 | * OR zero-length. |
219 | */ | 218 | */ |
220 | if (((sch->type == SCTP_CID_COOKIE_ACK | 219 | if (((sch->type == SCTP_CID_COOKIE_ACK || |
221 | || sch->type == SCTP_CID_COOKIE_ECHO | 220 | sch->type == SCTP_CID_COOKIE_ECHO || |
222 | || flag) | 221 | flag) && |
223 | && count !=0) || !sch->length) { | 222 | count != 0) || !sch->length) { |
224 | pr_debug("Basic checks failed\n"); | 223 | pr_debug("Basic checks failed\n"); |
225 | return 1; | 224 | return 1; |
226 | } | 225 | } |
227 | 226 | ||
228 | if (map) { | 227 | if (map) |
229 | set_bit(sch->type, (void *)map); | 228 | set_bit(sch->type, (void *)map); |
230 | } | ||
231 | } | 229 | } |
232 | 230 | ||
233 | pr_debug("Basic checks passed\n"); | 231 | pr_debug("Basic checks passed\n"); |
@@ -243,39 +241,48 @@ static int new_state(enum ip_conntrack_dir dir, | |||
243 | pr_debug("Chunk type: %d\n", chunk_type); | 241 | pr_debug("Chunk type: %d\n", chunk_type); |
244 | 242 | ||
245 | switch (chunk_type) { | 243 | switch (chunk_type) { |
246 | case SCTP_CID_INIT: | 244 | case SCTP_CID_INIT: |
247 | pr_debug("SCTP_CID_INIT\n"); | 245 | pr_debug("SCTP_CID_INIT\n"); |
248 | i = 0; break; | 246 | i = 0; |
249 | case SCTP_CID_INIT_ACK: | 247 | break; |
250 | pr_debug("SCTP_CID_INIT_ACK\n"); | 248 | case SCTP_CID_INIT_ACK: |
251 | i = 1; break; | 249 | pr_debug("SCTP_CID_INIT_ACK\n"); |
252 | case SCTP_CID_ABORT: | 250 | i = 1; |
253 | pr_debug("SCTP_CID_ABORT\n"); | 251 | break; |
254 | i = 2; break; | 252 | case SCTP_CID_ABORT: |
255 | case SCTP_CID_SHUTDOWN: | 253 | pr_debug("SCTP_CID_ABORT\n"); |
256 | pr_debug("SCTP_CID_SHUTDOWN\n"); | 254 | i = 2; |
257 | i = 3; break; | 255 | break; |
258 | case SCTP_CID_SHUTDOWN_ACK: | 256 | case SCTP_CID_SHUTDOWN: |
259 | pr_debug("SCTP_CID_SHUTDOWN_ACK\n"); | 257 | pr_debug("SCTP_CID_SHUTDOWN\n"); |
260 | i = 4; break; | 258 | i = 3; |
261 | case SCTP_CID_ERROR: | 259 | break; |
262 | pr_debug("SCTP_CID_ERROR\n"); | 260 | case SCTP_CID_SHUTDOWN_ACK: |
263 | i = 5; break; | 261 | pr_debug("SCTP_CID_SHUTDOWN_ACK\n"); |
264 | case SCTP_CID_COOKIE_ECHO: | 262 | i = 4; |
265 | pr_debug("SCTP_CID_COOKIE_ECHO\n"); | 263 | break; |
266 | i = 6; break; | 264 | case SCTP_CID_ERROR: |
267 | case SCTP_CID_COOKIE_ACK: | 265 | pr_debug("SCTP_CID_ERROR\n"); |
268 | pr_debug("SCTP_CID_COOKIE_ACK\n"); | 266 | i = 5; |
269 | i = 7; break; | 267 | break; |
270 | case SCTP_CID_SHUTDOWN_COMPLETE: | 268 | case SCTP_CID_COOKIE_ECHO: |
271 | pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n"); | 269 | pr_debug("SCTP_CID_COOKIE_ECHO\n"); |
272 | i = 8; break; | 270 | i = 6; |
273 | default: | 271 | break; |
274 | /* Other chunks like DATA, SACK, HEARTBEAT and | 272 | case SCTP_CID_COOKIE_ACK: |
275 | its ACK do not cause a change in state */ | 273 | pr_debug("SCTP_CID_COOKIE_ACK\n"); |
276 | pr_debug("Unknown chunk type, Will stay in %s\n", | 274 | i = 7; |
277 | sctp_conntrack_names[cur_state]); | 275 | break; |
278 | return cur_state; | 276 | case SCTP_CID_SHUTDOWN_COMPLETE: |
277 | pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n"); | ||
278 | i = 8; | ||
279 | break; | ||
280 | default: | ||
281 | /* Other chunks like DATA, SACK, HEARTBEAT and | ||
282 | its ACK do not cause a change in state */ | ||
283 | pr_debug("Unknown chunk type, Will stay in %s\n", | ||
284 | sctp_conntrack_names[cur_state]); | ||
285 | return cur_state; | ||
279 | } | 286 | } |
280 | 287 | ||
281 | pr_debug("dir: %d cur_state: %s chunk_type: %d new_state: %s\n", | 288 | pr_debug("dir: %d cur_state: %s chunk_type: %d new_state: %s\n", |
@@ -307,12 +314,12 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
307 | return -1; | 314 | return -1; |
308 | 315 | ||
309 | /* Check the verification tag (Sec 8.5) */ | 316 | /* Check the verification tag (Sec 8.5) */ |
310 | if (!test_bit(SCTP_CID_INIT, (void *)map) | 317 | if (!test_bit(SCTP_CID_INIT, (void *)map) && |
311 | && !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) | 318 | !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) && |
312 | && !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) | 319 | !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) && |
313 | && !test_bit(SCTP_CID_ABORT, (void *)map) | 320 | !test_bit(SCTP_CID_ABORT, (void *)map) && |
314 | && !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) | 321 | !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) && |
315 | && (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { | 322 | sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) { |
316 | pr_debug("Verification tag check failed\n"); | 323 | pr_debug("Verification tag check failed\n"); |
317 | return -1; | 324 | return -1; |
318 | } | 325 | } |
@@ -330,24 +337,22 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
330 | } | 337 | } |
331 | } else if (sch->type == SCTP_CID_ABORT) { | 338 | } else if (sch->type == SCTP_CID_ABORT) { |
332 | /* Sec 8.5.1 (B) */ | 339 | /* Sec 8.5.1 (B) */ |
333 | if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) | 340 | if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] && |
334 | && !(sh->vtag == conntrack->proto.sctp.vtag | 341 | sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)]) { |
335 | [1 - CTINFO2DIR(ctinfo)])) { | ||
336 | write_unlock_bh(&sctp_lock); | 342 | write_unlock_bh(&sctp_lock); |
337 | return -1; | 343 | return -1; |
338 | } | 344 | } |
339 | } else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { | 345 | } else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { |
340 | /* Sec 8.5.1 (C) */ | 346 | /* Sec 8.5.1 (C) */ |
341 | if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) | 347 | if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] && |
342 | && !(sh->vtag == conntrack->proto.sctp.vtag | 348 | sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)] && |
343 | [1 - CTINFO2DIR(ctinfo)] | 349 | (sch->flags & 1)) { |
344 | && (sch->flags & 1))) { | ||
345 | write_unlock_bh(&sctp_lock); | 350 | write_unlock_bh(&sctp_lock); |
346 | return -1; | 351 | return -1; |
347 | } | 352 | } |
348 | } else if (sch->type == SCTP_CID_COOKIE_ECHO) { | 353 | } else if (sch->type == SCTP_CID_COOKIE_ECHO) { |
349 | /* Sec 8.5.1 (D) */ | 354 | /* Sec 8.5.1 (D) */ |
350 | if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { | 355 | if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) { |
351 | write_unlock_bh(&sctp_lock); | 356 | write_unlock_bh(&sctp_lock); |
352 | return -1; | 357 | return -1; |
353 | } | 358 | } |
@@ -366,15 +371,15 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
366 | } | 371 | } |
367 | 372 | ||
368 | /* If it is an INIT or an INIT ACK note down the vtag */ | 373 | /* If it is an INIT or an INIT ACK note down the vtag */ |
369 | if (sch->type == SCTP_CID_INIT | 374 | if (sch->type == SCTP_CID_INIT || |
370 | || sch->type == SCTP_CID_INIT_ACK) { | 375 | sch->type == SCTP_CID_INIT_ACK) { |
371 | sctp_inithdr_t _inithdr, *ih; | 376 | sctp_inithdr_t _inithdr, *ih; |
372 | 377 | ||
373 | ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), | 378 | ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), |
374 | sizeof(_inithdr), &_inithdr); | 379 | sizeof(_inithdr), &_inithdr); |
375 | if (ih == NULL) { | 380 | if (ih == NULL) { |
376 | write_unlock_bh(&sctp_lock); | 381 | write_unlock_bh(&sctp_lock); |
377 | return -1; | 382 | return -1; |
378 | } | 383 | } |
379 | pr_debug("Setting vtag %x for dir %d\n", | 384 | pr_debug("Setting vtag %x for dir %d\n", |
380 | ih->init_tag, !CTINFO2DIR(ctinfo)); | 385 | ih->init_tag, !CTINFO2DIR(ctinfo)); |
@@ -389,9 +394,9 @@ static int sctp_packet(struct nf_conn *conntrack, | |||
389 | 394 | ||
390 | nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]); | 395 | nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]); |
391 | 396 | ||
392 | if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED | 397 | if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED && |
393 | && CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY | 398 | CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY && |
394 | && newconntrack == SCTP_CONNTRACK_ESTABLISHED) { | 399 | newconntrack == SCTP_CONNTRACK_ESTABLISHED) { |
395 | pr_debug("Setting assured bit\n"); | 400 | pr_debug("Setting assured bit\n"); |
396 | set_bit(IPS_ASSURED_BIT, &conntrack->status); | 401 | set_bit(IPS_ASSURED_BIT, &conntrack->status); |
397 | nf_conntrack_event_cache(IPCT_STATUS, skb); | 402 | nf_conntrack_event_cache(IPCT_STATUS, skb); |
@@ -418,11 +423,10 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb, | |||
418 | return 0; | 423 | return 0; |
419 | 424 | ||
420 | /* If an OOTB packet has any of these chunks discard (Sec 8.4) */ | 425 | /* If an OOTB packet has any of these chunks discard (Sec 8.4) */ |
421 | if ((test_bit (SCTP_CID_ABORT, (void *)map)) | 426 | if (test_bit (SCTP_CID_ABORT, (void *)map) || |
422 | || (test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map)) | 427 | test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) || |
423 | || (test_bit (SCTP_CID_COOKIE_ACK, (void *)map))) { | 428 | test_bit (SCTP_CID_COOKIE_ACK, (void *)map)) |
424 | return 0; | 429 | return 0; |
425 | } | ||
426 | 430 | ||
427 | newconntrack = SCTP_CONNTRACK_MAX; | 431 | newconntrack = SCTP_CONNTRACK_MAX; |
428 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { | 432 | for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { |