Commit 5447d477 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: nf_conntrack_sctp: basic cleanups

Reindent switch cases properly, get rid of weird constructs like "!(x == y)",
put logical operations on the end of the line instead of the next line, get
rid of superfluous braces.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 2d646286
...@@ -206,28 +206,26 @@ static int do_basic_checks(struct nf_conn *conntrack, ...@@ -206,28 +206,26 @@ static int do_basic_checks(struct nf_conn *conntrack,
for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {
pr_debug("Chunk Num: %d Type: %d\n", count, sch->type); pr_debug("Chunk Num: %d Type: %d\n", count, sch->type);
if (sch->type == SCTP_CID_INIT if (sch->type == SCTP_CID_INIT ||
|| sch->type == SCTP_CID_INIT_ACK sch->type == SCTP_CID_INIT_ACK ||
|| sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { sch->type == SCTP_CID_SHUTDOWN_COMPLETE)
flag = 1; flag = 1;
}
/* /*
* Cookie Ack/Echo chunks not the first OR * Cookie Ack/Echo chunks not the first OR
* Init / Init Ack / Shutdown compl chunks not the only chunks * Init / Init Ack / Shutdown compl chunks not the only chunks
* OR zero-length. * OR zero-length.
*/ */
if (((sch->type == SCTP_CID_COOKIE_ACK if (((sch->type == SCTP_CID_COOKIE_ACK ||
|| sch->type == SCTP_CID_COOKIE_ECHO sch->type == SCTP_CID_COOKIE_ECHO ||
|| flag) flag) &&
&& count !=0) || !sch->length) { count != 0) || !sch->length) {
pr_debug("Basic checks failed\n"); pr_debug("Basic checks failed\n");
return 1; return 1;
} }
if (map) { if (map)
set_bit(sch->type, (void *)map); set_bit(sch->type, (void *)map);
}
} }
pr_debug("Basic checks passed\n"); pr_debug("Basic checks passed\n");
...@@ -243,39 +241,48 @@ static int new_state(enum ip_conntrack_dir dir, ...@@ -243,39 +241,48 @@ static int new_state(enum ip_conntrack_dir dir,
pr_debug("Chunk type: %d\n", chunk_type); pr_debug("Chunk type: %d\n", chunk_type);
switch (chunk_type) { switch (chunk_type) {
case SCTP_CID_INIT: case SCTP_CID_INIT:
pr_debug("SCTP_CID_INIT\n"); pr_debug("SCTP_CID_INIT\n");
i = 0; break; i = 0;
case SCTP_CID_INIT_ACK: break;
pr_debug("SCTP_CID_INIT_ACK\n"); case SCTP_CID_INIT_ACK:
i = 1; break; pr_debug("SCTP_CID_INIT_ACK\n");
case SCTP_CID_ABORT: i = 1;
pr_debug("SCTP_CID_ABORT\n"); break;
i = 2; break; case SCTP_CID_ABORT:
case SCTP_CID_SHUTDOWN: pr_debug("SCTP_CID_ABORT\n");
pr_debug("SCTP_CID_SHUTDOWN\n"); i = 2;
i = 3; break; break;
case SCTP_CID_SHUTDOWN_ACK: case SCTP_CID_SHUTDOWN:
pr_debug("SCTP_CID_SHUTDOWN_ACK\n"); pr_debug("SCTP_CID_SHUTDOWN\n");
i = 4; break; i = 3;
case SCTP_CID_ERROR: break;
pr_debug("SCTP_CID_ERROR\n"); case SCTP_CID_SHUTDOWN_ACK:
i = 5; break; pr_debug("SCTP_CID_SHUTDOWN_ACK\n");
case SCTP_CID_COOKIE_ECHO: i = 4;
pr_debug("SCTP_CID_COOKIE_ECHO\n"); break;
i = 6; break; case SCTP_CID_ERROR:
case SCTP_CID_COOKIE_ACK: pr_debug("SCTP_CID_ERROR\n");
pr_debug("SCTP_CID_COOKIE_ACK\n"); i = 5;
i = 7; break; break;
case SCTP_CID_SHUTDOWN_COMPLETE: case SCTP_CID_COOKIE_ECHO:
pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n"); pr_debug("SCTP_CID_COOKIE_ECHO\n");
i = 8; break; i = 6;
default: break;
/* Other chunks like DATA, SACK, HEARTBEAT and case SCTP_CID_COOKIE_ACK:
its ACK do not cause a change in state */ pr_debug("SCTP_CID_COOKIE_ACK\n");
pr_debug("Unknown chunk type, Will stay in %s\n", i = 7;
sctp_conntrack_names[cur_state]); break;
return cur_state; case SCTP_CID_SHUTDOWN_COMPLETE:
pr_debug("SCTP_CID_SHUTDOWN_COMPLETE\n");
i = 8;
break;
default:
/* Other chunks like DATA, SACK, HEARTBEAT and
its ACK do not cause a change in state */
pr_debug("Unknown chunk type, Will stay in %s\n",
sctp_conntrack_names[cur_state]);
return cur_state;
} }
pr_debug("dir: %d cur_state: %s chunk_type: %d new_state: %s\n", pr_debug("dir: %d cur_state: %s chunk_type: %d new_state: %s\n",
...@@ -307,12 +314,12 @@ static int sctp_packet(struct nf_conn *conntrack, ...@@ -307,12 +314,12 @@ static int sctp_packet(struct nf_conn *conntrack,
return -1; return -1;
/* Check the verification tag (Sec 8.5) */ /* Check the verification tag (Sec 8.5) */
if (!test_bit(SCTP_CID_INIT, (void *)map) if (!test_bit(SCTP_CID_INIT, (void *)map) &&
&& !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) !test_bit(SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) &&
&& !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) !test_bit(SCTP_CID_COOKIE_ECHO, (void *)map) &&
&& !test_bit(SCTP_CID_ABORT, (void *)map) !test_bit(SCTP_CID_ABORT, (void *)map) &&
&& !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) !test_bit(SCTP_CID_SHUTDOWN_ACK, (void *)map) &&
&& (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) {
pr_debug("Verification tag check failed\n"); pr_debug("Verification tag check failed\n");
return -1; return -1;
} }
...@@ -330,24 +337,22 @@ static int sctp_packet(struct nf_conn *conntrack, ...@@ -330,24 +337,22 @@ static int sctp_packet(struct nf_conn *conntrack,
} }
} else if (sch->type == SCTP_CID_ABORT) { } else if (sch->type == SCTP_CID_ABORT) {
/* Sec 8.5.1 (B) */ /* Sec 8.5.1 (B) */
if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] &&
&& !(sh->vtag == conntrack->proto.sctp.vtag sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)]) {
[1 - CTINFO2DIR(ctinfo)])) {
write_unlock_bh(&sctp_lock); write_unlock_bh(&sctp_lock);
return -1; return -1;
} }
} else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { } else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) {
/* Sec 8.5.1 (C) */ /* Sec 8.5.1 (C) */
if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)] &&
&& !(sh->vtag == conntrack->proto.sctp.vtag sh->vtag != conntrack->proto.sctp.vtag[1 - CTINFO2DIR(ctinfo)] &&
[1 - CTINFO2DIR(ctinfo)] (sch->flags & 1)) {
&& (sch->flags & 1))) {
write_unlock_bh(&sctp_lock); write_unlock_bh(&sctp_lock);
return -1; return -1;
} }
} else if (sch->type == SCTP_CID_COOKIE_ECHO) { } else if (sch->type == SCTP_CID_COOKIE_ECHO) {
/* Sec 8.5.1 (D) */ /* Sec 8.5.1 (D) */
if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { if (sh->vtag != conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) {
write_unlock_bh(&sctp_lock); write_unlock_bh(&sctp_lock);
return -1; return -1;
} }
...@@ -366,15 +371,15 @@ static int sctp_packet(struct nf_conn *conntrack, ...@@ -366,15 +371,15 @@ static int sctp_packet(struct nf_conn *conntrack,
} }
/* If it is an INIT or an INIT ACK note down the vtag */ /* If it is an INIT or an INIT ACK note down the vtag */
if (sch->type == SCTP_CID_INIT if (sch->type == SCTP_CID_INIT ||
|| sch->type == SCTP_CID_INIT_ACK) { sch->type == SCTP_CID_INIT_ACK) {
sctp_inithdr_t _inithdr, *ih; sctp_inithdr_t _inithdr, *ih;
ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t),
sizeof(_inithdr), &_inithdr); sizeof(_inithdr), &_inithdr);
if (ih == NULL) { if (ih == NULL) {
write_unlock_bh(&sctp_lock); write_unlock_bh(&sctp_lock);
return -1; return -1;
} }
pr_debug("Setting vtag %x for dir %d\n", pr_debug("Setting vtag %x for dir %d\n",
ih->init_tag, !CTINFO2DIR(ctinfo)); ih->init_tag, !CTINFO2DIR(ctinfo));
...@@ -389,9 +394,9 @@ static int sctp_packet(struct nf_conn *conntrack, ...@@ -389,9 +394,9 @@ static int sctp_packet(struct nf_conn *conntrack,
nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]); nf_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]);
if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED if (oldsctpstate == SCTP_CONNTRACK_COOKIE_ECHOED &&
&& CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY &&
&& newconntrack == SCTP_CONNTRACK_ESTABLISHED) { newconntrack == SCTP_CONNTRACK_ESTABLISHED) {
pr_debug("Setting assured bit\n"); pr_debug("Setting assured bit\n");
set_bit(IPS_ASSURED_BIT, &conntrack->status); set_bit(IPS_ASSURED_BIT, &conntrack->status);
nf_conntrack_event_cache(IPCT_STATUS, skb); nf_conntrack_event_cache(IPCT_STATUS, skb);
...@@ -418,11 +423,10 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb, ...@@ -418,11 +423,10 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb,
return 0; return 0;
/* If an OOTB packet has any of these chunks discard (Sec 8.4) */ /* If an OOTB packet has any of these chunks discard (Sec 8.4) */
if ((test_bit (SCTP_CID_ABORT, (void *)map)) if (test_bit (SCTP_CID_ABORT, (void *)map) ||
|| (test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map)) test_bit (SCTP_CID_SHUTDOWN_COMPLETE, (void *)map) ||
|| (test_bit (SCTP_CID_COOKIE_ACK, (void *)map))) { test_bit (SCTP_CID_COOKIE_ACK, (void *)map))
return 0; return 0;
}
newconntrack = SCTP_CONNTRACK_MAX; newconntrack = SCTP_CONNTRACK_MAX;
for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) { for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment