src - OpenBSD base system

diff options


context:
space:
mode:

author	Theo de Raadt <deraadt@cvs.openbsd.org>	2007-12-14 18:33:43 +0000
committer	Theo de Raadt <deraadt@cvs.openbsd.org>	2007-12-14 18:33:43 +0000
commit	5532e64697944ad4c710705ab1b564052a8f51af (patch)
tree	183870f005f01f56ae179f355463d683575b35a0 /sys/netinet
parent	4cb17e9667a272f7541dbee84ac942404facb823 (diff)

add sysctl entry points into various network layers, in particular to

provide netstat(1) with data it needs; ok claudio reyk

Diffstat (limited to 'sys/netinet')

-rw-r--r--

sys/netinet/igmp.c

-rw-r--r--

sys/netinet/igmp_var.h

-rw-r--r--

sys/netinet/in.h

142

-rw-r--r--

sys/netinet/in_proto.c

-rw-r--r--

sys/netinet/ip_ah.h

-rw-r--r--

sys/netinet/ip_carp.c

-rw-r--r--

sys/netinet/ip_carp.h

-rw-r--r--

sys/netinet/ip_esp.h

-rw-r--r--

sys/netinet/ip_ether.c

-rw-r--r--

sys/netinet/ip_ether.h

-rw-r--r--

sys/netinet/ip_input.c

-rw-r--r--

sys/netinet/ip_ipcomp.h

-rw-r--r--

sys/netinet/ip_ipip.c

-rw-r--r--

sys/netinet/ip_ipip.h

-rw-r--r--

sys/netinet/ip_mroute.c

-rw-r--r--

sys/netinet/ipsec_input.c

-rw-r--r--

sys/netinet/pim_var.h

17 files changed, 345 insertions, 46 deletions

diff --git a/sys/netinet/igmp.c b/sys/netinet/igmp.c
index b7ef843f0c2..c2ca8b0d2ab 100644
--- a/sys/netinet/igmp.c
+++ b/sys/netinet/igmp.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: igmp.c,v 1.25 2007/12/13 20:47:57 millert Exp $ */

+/* $OpenBSD: igmp.c,v 1.26 2007/12/14 18:33:40 deraadt Exp $ */

/* $NetBSD: igmp.c,v 1.15 1996/02/13 23:41:25 christos Exp $ */

@@ -79,6 +79,7 @@

#include <sys/mbuf.h>

#include <sys/socket.h>

#include <sys/protosw.h>

+#include <sys/sysctl.h>

#include <net/if.h>

#include <net/route.h>

@@ -96,6 +97,8 @@

#define IP_MULTICASTOPTS 0

+int *igmpctl_vars[IGMPCTL_MAXID] = IGMPCTL_VARS;

int igmp_timers_are_running;

static struct router_info *rti_head;

struct igmpstat igmpstat;

@@ -623,3 +626,29 @@ igmp_sendpkt(inm, type, addr)

++igmpstat.igps_snd_reports;

}

+/*

+ * Sysctl for igmp variables.

+ */

+int

+igmp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp,

+ void *newp, size_t newlen)

+ /* All sysctl names at this level are terminal. */

+ if (namelen != 1)

+ return (ENOTDIR);

+ switch (name[0]) {

+ case IGMPCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &igmpstat, sizeof(igmpstat)));

+ default:

+ if (name[0] < IGMPCTL_MAXID)

+ return (sysctl_int_arr(igmpctl_vars, name, namelen,

+ oldp, oldlenp, newp, newlen));

+ return (ENOPROTOOPT);

+ }

+ /* NOTREACHED */

diff --git a/sys/netinet/igmp_var.h b/sys/netinet/igmp_var.h
index 3f478e5a4fe..c0aaa286ce9 100644
--- a/sys/netinet/igmp_var.h
+++ b/sys/netinet/igmp_var.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: igmp_var.h,v 1.7 2003/06/02 23:28:13 millert Exp $ */

+/* $OpenBSD: igmp_var.h,v 1.8 2007/12/14 18:33:40 deraadt Exp $ */

/* $NetBSD: igmp_var.h,v 1.9 1996/02/13 23:41:31 christos Exp $ */

@@ -62,6 +62,21 @@ struct igmpstat {

u_long igps_snd_reports; /* sent membership reports */

};

+/*

+ * Names for IGMP sysctl objects

+ */

+#define IGMPCTL_STATS 1 /* IGMP statistics */

+#define IGMPCTL_MAXID 2

+#define IGMPCTL_NAMES { \

+ { 0, 0 }, \

+ { "stats", CTLTYPE_STRUCT } \

+#define IGMPCTL_VARS { \

+ NULL \

#ifdef _KERNEL

extern struct igmpstat igmpstat;

@@ -78,5 +93,6 @@ void igmp_joingroup(struct in_multi *);

void igmp_leavegroup(struct in_multi *);

void igmp_fasttimo(void);

void igmp_slowtimo(void);

+int igmp_sysctl(int *, u_int, void *, size_t *, void *, size_t);

#endif /* _KERNEL */

#endif /* _NETINET_IGMP_VAR_H_ */

diff --git a/sys/netinet/in.h b/sys/netinet/in.h
index 1a2e3a98897..ba3695b80ca 100644
--- a/sys/netinet/in.h
+++ b/sys/netinet/in.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: in.h,v 1.75 2007/12/13 20:00:53 reyk Exp $ */

+/* $OpenBSD: in.h,v 1.76 2007/12/14 18:33:40 deraadt Exp $ */

/* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */

@@ -325,7 +325,7 @@ struct ip_mreq {

* Third level is protocol number.

* Fourth level is desired variable within that protocol.

-#define IPPROTO_MAXID (IPPROTO_CARP + 1) /* don't list to IPPROTO_MAX */

+#define IPPROTO_MAXID (IPPROTO_PFSYNC + 1) /* don't list to IPPROTO_MAX */

#define CTL_IPPROTO_NAMES { \

{ "ip", CTLTYPE_NODE }, \

@@ -441,6 +441,134 @@ struct ip_mreq {

{ 0, 0 }, \

{ "carp", CTLTYPE_NODE }, \

+ { 0, 0 }, \

+ { "pfsync", CTLTYPE_NODE }, \

}

@@ -483,7 +611,9 @@ struct ip_mreq {

#define IPCTL_MFORWARDING 31

#define IPCTL_MULTIPATH 32

#define IPCTL_STATS 33 /* IP statistics */

-#define IPCTL_MAXID 34

+#define IPCTL_MRTPROTO 34 /* type of multicast */

+#define IPCTL_MRTSTATS 35

+#define IPCTL_MAXID 36

#define IPCTL_NAMES { \

{ 0, 0 }, \

@@ -519,7 +649,9 @@ struct ip_mreq {

{ "ifq", CTLTYPE_NODE }, \

{ "mforwarding", CTLTYPE_INT }, \

{ "multipath", CTLTYPE_INT }, \

- { "stats", CTLTYPE_STRUCT } \

+ { "stats", CTLTYPE_STRUCT }, \

+ { "mrtproto", CTLTYPE_INT }, \

+ { "mrtstats", CTLTYPE_STRUCT }, \

}

#define IPCTL_VARS { \

NULL, \

@@ -555,6 +687,8 @@ struct ip_mreq {

NULL, \

&ipmforwarding, \

&ipmultipath, \

+ NULL, \

NULL \

}

diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c
index 924630dc039..6969401128e 100644
--- a/sys/netinet/in_proto.c
+++ b/sys/netinet/in_proto.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: in_proto.c,v 1.46 2007/06/06 09:58:12 henning Exp $ */

+/* $OpenBSD: in_proto.c,v 1.47 2007/12/14 18:33:40 deraadt Exp $ */

/* $NetBSD: in_proto.c,v 1.14 1996/02/18 18:58:32 christos Exp $ */

@@ -229,13 +229,13 @@ struct protosw inetsw[] = {

{ SOCK_RAW, &inetdomain, IPPROTO_IGMP, PR_ATOMIC|PR_ADDR,

igmp_input, rip_output, 0, rip_ctloutput,

rip_usrreq,

- igmp_init, igmp_fasttimo, igmp_slowtimo, 0,

+ igmp_init, igmp_fasttimo, igmp_slowtimo, 0, igmp_sysctl

#ifdef PIM

{ SOCK_RAW, &inetdomain, IPPROTO_PIM, PR_ATOMIC|PR_ADDR,

pim_input, rip_output, 0, rip_ctloutput,

rip_usrreq,

- 0, 0, 0, 0,

+ 0, 0, 0, 0, pim_sysctl

#endif /* PIM */

#ifdef IPSEC

@@ -283,7 +283,7 @@ struct protosw inetsw[] = {

{ SOCK_RAW, &inetdomain, IPPROTO_PFSYNC, PR_ATOMIC|PR_ADDR,

pfsync_input, rip_output, 0, rip_ctloutput,

rip_usrreq,

- 0, 0, 0, 0,

+ 0, 0, 0, 0, pfsync_sysctl

#endif /* NPFSYNC > 0 */

/* raw wildcard */

diff --git a/sys/netinet/ip_ah.h b/sys/netinet/ip_ah.h
index 2ec742dfe11..8d6fe54bcd7 100644
--- a/sys/netinet/ip_ah.h
+++ b/sys/netinet/ip_ah.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_ah.h,v 1.31 2004/02/17 12:07:45 markus Exp $ */

+/* $OpenBSD: ip_ah.h,v 1.32 2007/12/14 18:33:40 deraadt Exp $ */

* The authors of this code are John Ioannidis (ji@tla.org),

* Angelos D. Keromytis (kermit@csd.uch.gr) and

@@ -79,16 +79,19 @@ struct ah

* Names for AH sysctl objects

#define AHCTL_ENABLE 1 /* Enable AH processing */

-#define AHCTL_MAXID 2

+#define AHCTL_STATS 2 /* AH stats */

+#define AHCTL_MAXID 3

#define AHCTL_NAMES { \

{ 0, 0 }, \

{ "enable", CTLTYPE_INT }, \

+ { "stats", CTLTYPE_STRUCT } \

}

#define AHCTL_VARS { \

NULL, \

&ah_enable, \

+ NULL \

}

#ifdef _KERNEL

diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c
index 97f5cab752f..8aebcfcb331 100644
--- a/sys/netinet/ip_carp.c
+++ b/sys/netinet/ip_carp.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_carp.c,v 1.158 2007/11/27 11:34:18 claudio Exp $ */

+/* $OpenBSD: ip_carp.c,v 1.159 2007/12/14 18:33:40 deraadt Exp $ */

@@ -802,10 +802,18 @@ carp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,

if (namelen != 1)

return (ENOTDIR);

- if (name[0] <= 0 || name[0] >= CARPCTL_MAXID)

- return (ENOPROTOOPT);

- return sysctl_int(oldp, oldlenp, newp, newlen, &carp_opts[name[0]]);

+ switch (name[0]) {

+ case CARPCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &carpstats, sizeof(carpstats)));

+ default:

+ if (name[0] <= 0 || name[0] >= CARPCTL_MAXID)

+ return (ENOPROTOOPT);

+ return sysctl_int(oldp, oldlenp, newp, newlen,

+ &carp_opts[name[0]]);

+ }

}

diff --git a/sys/netinet/ip_carp.h b/sys/netinet/ip_carp.h
index 60d47df748a..f2d9bf7b046 100644
--- a/sys/netinet/ip_carp.h
+++ b/sys/netinet/ip_carp.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_carp.h,v 1.24 2007/11/22 01:21:40 mpf Exp $ */

+/* $OpenBSD: ip_carp.h,v 1.25 2007/12/14 18:33:40 deraadt Exp $ */

@@ -143,7 +143,8 @@ struct carpreq {

#define CARPCTL_PREEMPT 2 /* high-pri backup preemption mode */

#define CARPCTL_LOG 3 /* log bad packets */

#define CARPCTL_ARPBALANCE 4 /* balance arp responses */

-#define CARPCTL_MAXID 5

+#define CARPCTL_STATS 5 /* CARP stats */

+#define CARPCTL_MAXID 6

#define CARPCTL_NAMES { \

{ 0, 0 }, \

@@ -151,6 +152,7 @@ struct carpreq {

{ "preempt", CTLTYPE_INT }, \

{ "log", CTLTYPE_INT }, \

{ "arpbalance", CTLTYPE_INT }, \

+ { "stats", CTLTYPE_STRUCT }, \

}

#ifdef _KERNEL

diff --git a/sys/netinet/ip_esp.h b/sys/netinet/ip_esp.h
index 887dbdeac28..42a66386a44 100644
--- a/sys/netinet/ip_esp.h
+++ b/sys/netinet/ip_esp.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_esp.h,v 1.40 2004/02/17 12:07:45 markus Exp $ */

+/* $OpenBSD: ip_esp.h,v 1.41 2007/12/14 18:33:41 deraadt Exp $ */

* The authors of this code are John Ioannidis (ji@tla.org),

* Angelos D. Keromytis (kermit@csd.uch.gr) and

@@ -72,13 +72,15 @@ struct espstat

#define ESPCTL_ENABLE 1 /* Enable ESP processing */

#define ESPCTL_UDPENCAP_ENABLE 2 /* Enable ESP over UDP */

#define ESPCTL_UDPENCAP_PORT 3 /* UDP port for encapsulation */

-#define ESPCTL_MAXID 4

+#define ESPCTL_STATS 4 /* ESP Stats */

+#define ESPCTL_MAXID 5

#define ESPCTL_NAMES { \

{ 0, 0 }, \

{ "enable", CTLTYPE_INT }, \

{ "udpencap", CTLTYPE_INT }, \

{ "udpencap_port", CTLTYPE_INT }, \

+ { "stats", CTLTYPE_STRUCT }, \

}

#define ESPCTL_VARS { \

@@ -86,6 +88,7 @@ struct espstat

&esp_enable, \

&udpencap_enable, \

&udpencap_port, \

+ NULL \

}

#ifdef _KERNEL

diff --git a/sys/netinet/ip_ether.c b/sys/netinet/ip_ether.c
index eca7269af15..c29d2dc54bb 100644
--- a/sys/netinet/ip_ether.c
+++ b/sys/netinet/ip_ether.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_ether.c,v 1.50 2007/02/20 19:37:40 claudio Exp $ */

+/* $OpenBSD: ip_ether.c,v 1.51 2007/12/14 18:33:41 deraadt Exp $ */

* The author of this code is Angelos D. Keromytis (kermit@adk.gr)

@@ -425,6 +425,11 @@ etherip_sysctl(name, namelen, oldp, oldlenp, newp, newlen)

case ETHERIPCTL_ALLOW:

return (sysctl_int(oldp, oldlenp, newp, newlen,

&etherip_allow));

+ case ETHERIPCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &etheripstat, sizeof(etheripstat)));

default:

return (ENOPROTOOPT);

}

diff --git a/sys/netinet/ip_ether.h b/sys/netinet/ip_ether.h
index 7bcde9799a7..c2372557bd6 100644
--- a/sys/netinet/ip_ether.h
+++ b/sys/netinet/ip_ether.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_ether.h,v 1.13 2002/06/09 16:26:10 itojun Exp $ */

+/* $OpenBSD: ip_ether.h,v 1.14 2007/12/14 18:33:41 deraadt Exp $ */

* The author of this code is Angelos D. Keromytis (angelos@adk.gr)

@@ -54,11 +54,13 @@ struct etherip_header {

* Names for Ether-IP sysctl objects

#define ETHERIPCTL_ALLOW 1 /* accept incoming EtherIP packets */

-#define ETHERIPCTL_MAXID 2

+#define ETHERIPCTL_STATS 2 /* etherip stats */

+#define ETHERIPCTL_MAXID 3

#define ETHERIPCTL_NAMES { \

{ 0, 0 }, \

{ "allow", CTLTYPE_INT }, \

+ { "stats", CTLTYPE_STRUCT }, \

}

#ifdef _KERNEL

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 8bbe357c553..d8d3c01a4b4 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_input.c,v 1.155 2007/12/13 20:00:53 reyk Exp $ */

+/* $OpenBSD: ip_input.c,v 1.156 2007/12/14 18:33:41 deraadt Exp $ */

/* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */

@@ -63,6 +63,10 @@

#include <net/pfvar.h>

#endif

+#ifdef MROUTING

+#include <netinet/ip_mroute.h>

+#endif

#ifdef IPSEC

#include <netinet/ip_ipsp.h>

#endif /* IPSEC */

@@ -1571,6 +1575,10 @@ ip_sysctl(name, namelen, oldp, oldlenp, newp, newlen)

size_t newlen;

{

int error;

+#ifdef MROUTING

+ extern int ip_mrtproto;

+ extern struct mrtstat mrtstat;

+#endif

/* Almost all sysctl names at this level are terminal. */

if (namelen != 1 && name[0] != IPCTL_IFQUEUE)

@@ -1627,6 +1635,21 @@ ip_sysctl(name, namelen, oldp, oldlenp, newp, newlen)

return (EPERM);

return (sysctl_struct(oldp, oldlenp, newp, newlen,

&ipstat, sizeof(ipstat)));

+ case IPCTL_MRTSTATS:

+#ifdef MROUTING

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &mrtstat, sizeof(mrtstat)));

+#else

+ return (EOPNOTSUPP);

+#endif

+ case IPCTL_MRTPROTO:

+#ifdef MROUTING

+ return (sysctl_rdint(oldp, oldlenp, newp, ip_mrtproto));

+#else

+ return (EOPNOTSUPP);

+#endif

default:

if (name[0] < IPCTL_MAXID)

return (sysctl_int_arr(ipctl_vars, name, namelen,

diff --git a/sys/netinet/ip_ipcomp.h b/sys/netinet/ip_ipcomp.h
index 501e0db7bcc..76596ebdadd 100644
--- a/sys/netinet/ip_ipcomp.h
+++ b/sys/netinet/ip_ipcomp.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_ipcomp.h,v 1.6 2004/02/17 12:07:45 markus Exp $ */

+/* $OpenBSD: ip_ipcomp.h,v 1.7 2007/12/14 18:33:41 deraadt Exp $ */

@@ -68,16 +68,19 @@ struct ipcomp {

* Names for IPCOMP sysctl objects

#define IPCOMPCTL_ENABLE 1 /* Enable COMP processing */

-#define IPCOMPCTL_MAXID 2

+#define IPCOMPCTL_STATS 2 /* COMP stats */

+#define IPCOMPCTL_MAXID 3

#define IPCOMPCTL_NAMES { \

{ 0, 0 }, \

- { "enable", CTLTYPE_INT}, \

+ { "enable", CTLTYPE_INT }, \

+ { "stats", CTLTYPE_STRUCT }, \

}

#define IPCOMPCTL_VARS { \

NULL, \

&ipcomp_enable, \

+ NULL \

}

#ifdef _KERNEL

diff --git a/sys/netinet/ip_ipip.c b/sys/netinet/ip_ipip.c
index 4b9fae0b5cb..c763e9b6bd7 100644
--- a/sys/netinet/ip_ipip.c
+++ b/sys/netinet/ip_ipip.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_ipip.c,v 1.39 2007/02/10 15:34:22 claudio Exp $ */

+/* $OpenBSD: ip_ipip.c,v 1.40 2007/12/14 18:33:41 deraadt Exp $ */

* The authors of this code are John Ioannidis (ji@tla.org),

* Angelos D. Keromytis (kermit@csd.uch.gr) and

@@ -633,6 +633,11 @@ ipip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,

switch (name[0]) {

case IPIPCTL_ALLOW:

return (sysctl_int(oldp, oldlenp, newp, newlen, &ipip_allow));

+ case IPIPCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &ipipstat, sizeof(ipipstat)));

default:

return (ENOPROTOOPT);

}

diff --git a/sys/netinet/ip_ipip.h b/sys/netinet/ip_ipip.h
index 60561001ef9..ed9755f31f1 100644
--- a/sys/netinet/ip_ipip.h
+++ b/sys/netinet/ip_ipip.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_ipip.h,v 1.5 2002/06/09 16:26:10 itojun Exp $ */

+/* $OpenBSD: ip_ipip.h,v 1.6 2007/12/14 18:33:41 deraadt Exp $ */

* The authors of this code are John Ioannidis (ji@tla.org),

* Angelos D. Keromytis (kermit@csd.uch.gr) and

@@ -64,11 +64,13 @@ struct ipipstat

* Names for IPIP sysctl objects

#define IPIPCTL_ALLOW 1 /* accept incoming IP4 packets */

-#define IPIPCTL_MAXID 2

+#define IPIPCTL_STATS 2 /* IPIP stats */

+#define IPIPCTL_MAXID 3

#define IPIPCTL_NAMES { \

{ 0, 0 }, \

{ "allow", CTLTYPE_INT }, \

+ { "stats", CTLTYPE_STRUCT }, \

}

#ifdef _KERNEL

diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c
index 309c5e3ac6a..68af8f8b963 100644
--- a/sys/netinet/ip_mroute.c
+++ b/sys/netinet/ip_mroute.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ip_mroute.c,v 1.48 2007/05/22 09:51:13 michele Exp $ */

+/* $OpenBSD: ip_mroute.c,v 1.49 2007/12/14 18:33:41 deraadt Exp $ */

/* $NetBSD: ip_mroute.c,v 1.85 2004/04/26 01:31:57 matt Exp $ */

@@ -72,6 +72,7 @@

#include <sys/kernel.h>

#include <sys/ioctl.h>

#include <sys/syslog.h>

+#include <sys/sysctl.h>

#include <sys/timeout.h>

#include <net/if.h>

@@ -3405,4 +3406,30 @@ pim_input_to_daemon:

return;

}

+/*

+ * Sysctl for pim variables.

+ */

+int

+pim_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp,

+ void *newp, size_t newlen)

+ /* All sysctl names at this level are terminal. */

+ if (namelen != 1)

+ return (ENOTDIR);

+ switch (name[0]) {

+ case PIMCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &pimstat, sizeof(pimstat)));

+ default:

+ return (ENOPROTOOPT);

+ }

+ /* NOTREACHED */

#endif /* PIM */

diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c
index 16ea0a2cdb7..13370a297be 100644
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ipsec_input.c,v 1.84 2007/05/28 17:16:39 henning Exp $ */

+/* $OpenBSD: ipsec_input.c,v 1.85 2007/12/14 18:33:41 deraadt Exp $ */

* The authors of this code are John Ioannidis (ji@tla.org),

* Angelos D. Keromytis (kermit@csd.uch.gr) and

@@ -644,30 +644,66 @@ int

esp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,

size_t newlen)

{

- if (name[0] < ESPCTL_MAXID)

- return (sysctl_int_arr(espctl_vars, name, namelen,

- oldp, oldlenp, newp, newlen));

- return (ENOPROTOOPT);

+ /* All sysctl names at this level are terminal. */

+ if (namelen != 1)

+ return (ENOTDIR);

+ switch (name[0]) {

+ case ESPCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &espstat, sizeof(espstat)));

+ default:

+ if (name[0] < ESPCTL_MAXID)

+ return (sysctl_int_arr(espctl_vars, name, namelen,

+ oldp, oldlenp, newp, newlen));

+ return (ENOPROTOOPT);

+ }

}

int

ah_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,

size_t newlen)

{

- if (name[0] < AHCTL_MAXID)

- return (sysctl_int_arr(ahctl_vars, name, namelen,

- oldp, oldlenp, newp, newlen));

- return (ENOPROTOOPT);

+ /* All sysctl names at this level are terminal. */

+ if (namelen != 1)

+ return (ENOTDIR);

+ switch (name[0]) {

+ case AHCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &ahstat, sizeof(ahstat)));

+ default:

+ if (name[0] < AHCTL_MAXID)

+ return (sysctl_int_arr(ahctl_vars, name, namelen,

+ oldp, oldlenp, newp, newlen));

+ return (ENOPROTOOPT);

+ }

}

int

ipcomp_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,

size_t newlen)

{

- if (name[0] < IPCOMPCTL_MAXID)

- return (sysctl_int_arr(ipcompctl_vars, name, namelen,

- oldp, oldlenp, newp, newlen));

- return (ENOPROTOOPT);

+ /* All sysctl names at this level are terminal. */

+ if (namelen != 1)

+ return (ENOTDIR);

+ switch (name[0]) {

+ case IPCOMPCTL_STATS:

+ if (newp != NULL)

+ return (EPERM);

+ return (sysctl_struct(oldp, oldlenp, newp, newlen,

+ &ipcompstat, sizeof(ipcompstat)));

+ default:

+ if (name[0] < IPCOMPCTL_MAXID)

+ return (sysctl_int_arr(ipcompctl_vars, name, namelen,

+ oldp, oldlenp, newp, newlen));

+ return (ENOPROTOOPT);

+ }

}

#ifdef INET

diff --git a/sys/netinet/pim_var.h b/sys/netinet/pim_var.h
index 7ff2b55fa29..bddc04a1ff6 100644
--- a/sys/netinet/pim_var.h
+++ b/sys/netinet/pim_var.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: pim_var.h,v 1.2 2006/07/06 02:56:58 brad Exp $ */

+/* $OpenBSD: pim_var.h,v 1.3 2007/12/14 18:33:41 deraadt Exp $ */

/* $NetBSD: pim_var.h,v 1.1 2004/09/04 23:32:29 manu Exp $ */

@@ -77,6 +77,7 @@ struct pimstat {

extern struct pimstat pimstat;

void pim_input(struct mbuf *, ...);

+int pim_sysctl(int *, u_int, void *, size_t *, void *, size_t);

#endif

#endif /* _NETINET_PIM_VAR_H_ */