patch-2.4.5 linux/net/ipv4/syncookies.c

• Lines: 180
• Date: Wed May 16 10:31:27 2001
• Orig file: v2.4.4/linux/net/ipv4/syncookies.c
• Orig date: Thu Apr 12 12:11:39 2001

diff -u --recursive --new-file v2.4.4/linux/net/ipv4/syncookies.c linux/net/ipv4/syncookies.c
@@ -9,7 +9,7 @@
  *      as published by the Free Software Foundation; either version
  *      2 of the License, or (at your option) any later version.
  * 
- *  $Id: syncookies.c,v 1.13 2001/02/13 01:17:26 davem Exp $
+ *  $Id: syncookies.c,v 1.14 2001/05/05 01:01:55 davem Exp $
  *
  *  Missing: IPv6 support. 
  */
@@ -31,14 +31,14 @@
  * Unresolved Issues: HIPPI with a 64k MSS is not well supported.
  */
 static __u16 const msstab[] = {
-	64-1,
-	256-1,	
-	512-1,
-	536-1,
-	1024-1,	
-	1440-1,
-	1460-1,
-	4312-1,
+	64 - 1,
+	256 - 1,	
+	512 - 1,
+	536 - 1,
+	1024 - 1,	
+	1440 - 1,
+	1460 - 1,
+	4312 - 1,
 	(__u16)-1
 };
 /* The number doesn't include the -1 terminator */
@@ -48,24 +48,23 @@
  * Generate a syncookie.  mssp points to the mss, which is returned
  * rounded down to the value encoded in the cookie.
  */
-__u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb, 
-			      __u16 *mssp)
+__u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb, __u16 *mssp)
 {
 	int mssind;
 	const __u16 mss = *mssp;
 
 	tcp_lastsynq_overflow = jiffies;
 	/* XXX sort msstab[] by probability?  Binary search? */
-	for (mssind = 0; mss > msstab[mssind+1]; mssind++)
+	for (mssind = 0; mss > msstab[mssind + 1]; mssind++)
 		;
-	*mssp = msstab[mssind]+1;
+	*mssp = msstab[mssind] + 1;
 
 	NET_INC_STATS_BH(SyncookiesSent);
 
 	return secure_tcp_syn_cookie(skb->nh.iph->saddr, skb->nh.iph->daddr,
 				     skb->h.th->source, skb->h.th->dest,
 				     ntohl(skb->h.th->seq),
-				     jiffies / (HZ*60), mssind);
+				     jiffies / (HZ * 60), mssind);
 }
 
 /* 
@@ -91,16 +90,16 @@
 	mssind = check_tcp_syn_cookie(cookie,
 				      skb->nh.iph->saddr, skb->nh.iph->daddr,
 				      skb->h.th->source, skb->h.th->dest,
-				      seq, jiffies/(HZ*60), COUNTER_TRIES);
+				      seq, jiffies / (HZ * 60), COUNTER_TRIES);
 
-	return mssind < NUM_MSS ? msstab[mssind]+1 : 0;
+	return mssind < NUM_MSS ? msstab[mssind] + 1 : 0;
 }
 
 extern struct or_calltable or_ipv4;
 
-static inline struct sock *
-get_cookie_sock(struct sock *sk, struct sk_buff *skb, struct open_request *req,
-		struct dst_entry *dst)
+static inline struct sock *get_cookie_sock(struct sock *sk, struct sk_buff *skb,
+					   struct open_request *req,
+					   struct dst_entry *dst)
 {
 	struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
 	struct sock *child;
@@ -114,41 +113,40 @@
 	return child;
 }
 
-struct sock *
-cookie_v4_check(struct sock *sk, struct sk_buff *skb, struct ip_options *opt)
+struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
+			     struct ip_options *opt)
 {
-	__u32 cookie = ntohl(skb->h.th->ack_seq)-1; 
+	__u32 cookie = ntohl(skb->h.th->ack_seq) - 1; 
+	struct sock *ret = sk;
 	struct open_request *req; 
 	int mss; 
 	struct rtable *rt; 
 	__u8 rcv_wscale;
 
-	if (!sysctl_tcp_syncookies)
-		return sk;
-	if (!skb->h.th->ack)
-		return sk; 
+	if (!sysctl_tcp_syncookies || !skb->h.th->ack)
+		goto out;
 
 	mss = cookie_check(skb, cookie);
-	if (mss == 0) {
+	if (!mss) {
 	 	NET_INC_STATS_BH(SyncookiesFailed);
-		return sk;
+		goto out;
 	}
 
 	NET_INC_STATS_BH(SyncookiesRecv);
 
 	req = tcp_openreq_alloc();
-	if (req == NULL)
-		return NULL;	
-
-	req->rcv_isn = htonl(skb->h.th->seq)-1;
-	req->snt_isn = cookie; 
-	req->mss = mss;
- 	req->rmt_port = skb->h.th->source;
+	ret = NULL;
+	if (!req)
+		goto out;
+
+	req->rcv_isn		= htonl(skb->h.th->seq) - 1;
+	req->snt_isn		= cookie; 
+	req->mss		= mss;
+ 	req->rmt_port		= skb->h.th->source;
 	req->af.v4_req.loc_addr = skb->nh.iph->daddr;
 	req->af.v4_req.rmt_addr = skb->nh.iph->saddr;
-	req->class = &or_ipv4; /* for savety */
-
-	req->af.v4_req.opt = NULL;
+	req->class		= &or_ipv4; /* for savety */
+	req->af.v4_req.opt	= NULL;
 
 	/* We throwed the options of the initial SYN away, so we hope
 	 * the ACK carries the same options again (see RFC1122 4.2.3.8)
@@ -166,9 +164,9 @@
 	}
 
 	req->snd_wscale = req->rcv_wscale = req->tstamp_ok = 0;
-	req->wscale_ok = req->sack_ok = 0; 
-	req->expires = 0UL; 
-	req->retrans = 0; 
+	req->wscale_ok	= req->sack_ok = 0; 
+	req->expires	= 0UL; 
+	req->retrans	= 0; 
 	
 	/*
 	 * We need to lookup the route here to get at the correct
@@ -183,18 +181,18 @@
 			    sk->protinfo.af_inet.tos | RTO_CONN,
 			    0)) { 
 		tcp_openreq_free(req);
-		return NULL; 
+		goto out; 
 	}
 
 	/* Try to redo what tcp_v4_send_synack did. */
 	req->window_clamp = rt->u.dst.window;  
-	tcp_select_initial_window(tcp_full_space(sk),req->mss,
+	tcp_select_initial_window(tcp_full_space(sk), req->mss,
 				  &req->rcv_wnd, &req->window_clamp, 
 				  0, &rcv_wscale);
 	/* BTW win scale with syncookies is 0 by definition */
-	req->rcv_wscale = rcv_wscale; 
+	req->rcv_wscale	  = rcv_wscale; 
 
-	return get_cookie_sock(sk, skb, req, &rt->u.dst);
+	ret = get_cookie_sock(sk, skb, req, &rt->u.dst);
+out:	return ret;
 }
-
 #endif