summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/conf/files4
-rw-r--r--sys/net/if_gif.c294
-rw-r--r--sys/net/if_gif.h5
-rw-r--r--sys/netinet/in_gif.c205
-rw-r--r--sys/netinet/in_gif.h39
-rw-r--r--sys/netinet/in_proto.c4
-rw-r--r--sys/netinet6/in6_gif.c193
-rw-r--r--sys/netinet6/in6_gif.h39
-rw-r--r--sys/netinet6/in6_proto.c4
9 files changed, 299 insertions, 488 deletions
diff --git a/sys/conf/files b/sys/conf/files
index 691d7f2cfd9..7d3d5501956 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -1,4 +1,4 @@
-# $OpenBSD: files,v 1.602 2015/09/10 18:39:57 deraadt Exp $
+# $OpenBSD: files,v 1.603 2015/09/28 08:32:04 mpi Exp $
# $NetBSD: files,v 1.87 1996/05/19 17:17:50 jonathan Exp $
# @(#)files.newconf 7.5 (Berkeley) 5/10/93
@@ -937,8 +937,6 @@ file uvm/uvm_vnode.c
# IPv6
file net/if_gif.c gif needs-count
file netinet/ip_ecn.c
-file netinet/in_gif.c gif
-file netinet6/in6_gif.c gif & inet6
file netinet6/in6_pcb.c inet6
file netinet6/in6.c inet6
file netinet6/ip6_divert.c inet6 & pf
diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c
index c30b65872bb..65c8d08d123 100644
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_gif.c,v 1.79 2015/09/11 08:17:06 claudio Exp $ */
+/* $OpenBSD: if_gif.c,v 1.80 2015/09/28 08:32:05 mpi Exp $ */
/* $KAME: if_gif.c,v 1.43 2001/02/20 08:51:07 itojun Exp $ */
/*
@@ -41,26 +41,36 @@
#include <net/if_var.h>
#include <net/if_types.h>
#include <net/route.h>
-#include <net/bpf.h>
#include <netinet/in.h>
#include <netinet/in_var.h>
-#include <netinet/in_gif.h>
#include <netinet/ip.h>
#include <netinet/ip_ether.h>
#include <netinet/ip_var.h>
+#include <netinet/ip_ipsp.h>
#ifdef INET6
#include <netinet6/in6_var.h>
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
-#include <netinet6/in6_gif.h>
#endif /* INET6 */
#include <net/if_gif.h>
#include "bpfilter.h"
+#if NBPFILTER > 0
+#include <net/bpf.h>
+#endif
+
#include "bridge.h"
+#if NBRIDGE > 0 || defined(MPLS)
+#include <netinet/ip_ether.h>
+#endif
+
+#include "pf.h"
+#if NPF > 0
+#include <net/pfvar.h>
+#endif
#define GIF_MTU (1280) /* Default MTU */
#define GIF_MTU_MIN (1280) /* Minimum MTU */
@@ -75,6 +85,9 @@ int gif_ioctl(struct ifnet *, u_long, caddr_t);
int gif_output(struct ifnet *, struct mbuf *, struct sockaddr *,
struct rtentry *);
+int in_gif_output(struct ifnet *, int, struct mbuf **);
+int in6_gif_output(struct ifnet *, int, struct mbuf **);
+
/*
* gif global variable definitions
*/
@@ -628,3 +641,276 @@ gif_checkloop(struct ifnet *ifp, struct mbuf *m)
m_tag_prepend(m, mtag);
return 0;
}
+
+int
+in_gif_output(struct ifnet *ifp, int family, struct mbuf **m0)
+{
+ struct gif_softc *sc = (struct gif_softc*)ifp;
+ struct sockaddr_in *sin_src = satosin(sc->gif_psrc);
+ struct sockaddr_in *sin_dst = satosin(sc->gif_pdst);
+ struct tdb tdb;
+ struct xformsw xfs;
+ int error;
+ struct mbuf *m = *m0;
+
+ if (sin_src == NULL || sin_dst == NULL ||
+ sin_src->sin_family != AF_INET ||
+ sin_dst->sin_family != AF_INET) {
+ m_freem(m);
+ return EAFNOSUPPORT;
+ }
+
+#ifdef DIAGNOSTIC
+ if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.ph_rtableid)) {
+ printf("%s: trying to send packet on wrong domain. "
+ "if %d vs. mbuf %d, AF %d\n", ifp->if_xname,
+ ifp->if_rdomain, rtable_l2(m->m_pkthdr.ph_rtableid),
+ family);
+ }
+#endif
+
+ /* setup dummy tdb. it highly depends on ipip_output() code. */
+ bzero(&tdb, sizeof(tdb));
+ bzero(&xfs, sizeof(xfs));
+ tdb.tdb_src.sin.sin_family = AF_INET;
+ tdb.tdb_src.sin.sin_len = sizeof(struct sockaddr_in);
+ tdb.tdb_src.sin.sin_addr = sin_src->sin_addr;
+ tdb.tdb_dst.sin.sin_family = AF_INET;
+ tdb.tdb_dst.sin.sin_len = sizeof(struct sockaddr_in);
+ tdb.tdb_dst.sin.sin_addr = sin_dst->sin_addr;
+ tdb.tdb_xform = &xfs;
+ xfs.xf_type = -1; /* not XF_IP4 */
+
+ switch (family) {
+ case AF_INET:
+ break;
+#ifdef INET6
+ case AF_INET6:
+ break;
+#endif
+#if NBRIDGE > 0
+ case AF_LINK:
+ break;
+#endif
+#if MPLS
+ case AF_MPLS:
+ break;
+#endif
+ default:
+#ifdef DEBUG
+ printf("%s: warning: unknown family %d passed\n", __func__,
+ family);
+#endif
+ m_freem(m);
+ return EAFNOSUPPORT;
+ }
+
+ /* encapsulate into IPv4 packet */
+ *m0 = NULL;
+#if NBRIDGE > 0
+ if (family == AF_LINK)
+ error = etherip_output(m, &tdb, m0, IPPROTO_ETHERIP);
+ else
+#endif /* NBRIDGE */
+#ifdef MPLS
+ if (family == AF_MPLS)
+ error = etherip_output(m, &tdb, m0, IPPROTO_MPLS);
+ else
+#endif
+ error = ipip_output(m, &tdb, m0, 0, 0);
+ if (error)
+ return error;
+ else if (*m0 == NULL)
+ return EFAULT;
+
+ m = *m0;
+
+ m->m_pkthdr.ph_rtableid = sc->gif_rtableid;
+#if NPF > 0
+ pf_pkt_addr_changed(m);
+#endif
+ return 0;
+}
+
+void
+in_gif_input(struct mbuf *m, ...)
+{
+ int off;
+ struct gif_softc *sc;
+ struct ifnet *gifp = NULL;
+ struct ip *ip;
+ va_list ap;
+
+ va_start(ap, m);
+ off = va_arg(ap, int);
+ va_end(ap);
+
+ /* IP-in-IP header is caused by tunnel mode, so skip gif lookup */
+ if (m->m_flags & M_TUNNEL) {
+ m->m_flags &= ~M_TUNNEL;
+ goto inject;
+ }
+
+ ip = mtod(m, struct ip *);
+
+ /* this code will be soon improved. */
+ LIST_FOREACH(sc, &gif_softc_list, gif_list) {
+ if (sc->gif_psrc == NULL || sc->gif_pdst == NULL ||
+ sc->gif_psrc->sa_family != AF_INET ||
+ sc->gif_pdst->sa_family != AF_INET ||
+ rtable_l2(sc->gif_rtableid) !=
+ rtable_l2(m->m_pkthdr.ph_rtableid)) {
+ continue;
+ }
+
+ if ((sc->gif_if.if_flags & IFF_UP) == 0)
+ continue;
+
+ if (in_hosteq(satosin(sc->gif_psrc)->sin_addr, ip->ip_dst) &&
+ in_hosteq(satosin(sc->gif_pdst)->sin_addr, ip->ip_src)) {
+ gifp = &sc->gif_if;
+ break;
+ }
+ }
+
+ if (gifp) {
+ m->m_pkthdr.ph_ifidx = gifp->if_index;
+ m->m_pkthdr.ph_rtableid = gifp->if_rdomain;
+ gifp->if_ipackets++;
+ gifp->if_ibytes += m->m_pkthdr.len;
+ /* We have a configured GIF */
+ ipip_input(m, off, gifp, ip->ip_p);
+ return;
+ }
+
+inject:
+ ip4_input(m, off); /* No GIF interface was configured */
+ return;
+}
+
+#ifdef INET6
+int
+in6_gif_output(struct ifnet *ifp, int family, struct mbuf **m0)
+{
+ struct gif_softc *sc = (struct gif_softc*)ifp;
+ struct sockaddr_in6 *sin6_src = satosin6(sc->gif_psrc);
+ struct sockaddr_in6 *sin6_dst = satosin6(sc->gif_pdst);
+ struct tdb tdb;
+ struct xformsw xfs;
+ int error;
+ struct mbuf *m = *m0;
+
+ if (sin6_src == NULL || sin6_dst == NULL ||
+ sin6_src->sin6_family != AF_INET6 ||
+ sin6_dst->sin6_family != AF_INET6) {
+ m_freem(m);
+ return EAFNOSUPPORT;
+ }
+
+ /* setup dummy tdb. it highly depends on ipip_output() code. */
+ bzero(&tdb, sizeof(tdb));
+ bzero(&xfs, sizeof(xfs));
+ tdb.tdb_src.sin6.sin6_family = AF_INET6;
+ tdb.tdb_src.sin6.sin6_len = sizeof(struct sockaddr_in6);
+ tdb.tdb_src.sin6.sin6_addr = sin6_src->sin6_addr;
+ tdb.tdb_dst.sin6.sin6_family = AF_INET6;
+ tdb.tdb_dst.sin6.sin6_len = sizeof(struct sockaddr_in6);
+ tdb.tdb_dst.sin6.sin6_addr = sin6_dst->sin6_addr;
+ tdb.tdb_xform = &xfs;
+ xfs.xf_type = -1; /* not XF_IP4 */
+
+ switch (family) {
+ case AF_INET:
+ break;
+#ifdef INET6
+ case AF_INET6:
+ break;
+#endif
+#if NBRIDGE > 0
+ case AF_LINK:
+ break;
+#endif
+#ifdef MPLS
+ case AF_MPLS:
+ break;
+#endif
+ default:
+#ifdef DEBUG
+ printf("%s: warning: unknown family %d passed\n", __func__,
+ family);
+#endif
+ m_freem(m);
+ return EAFNOSUPPORT;
+ }
+
+ /* encapsulate into IPv6 packet */
+ *m0 = NULL;
+#if NBRIDGE > 0
+ if (family == AF_LINK)
+ error = etherip_output(m, &tdb, m0, IPPROTO_ETHERIP);
+ else
+#endif /* NBRIDGE */
+#if MPLS
+ if (family == AF_MPLS)
+ error = etherip_output(m, &tdb, m0, IPPROTO_MPLS);
+ else
+#endif
+ error = ipip_output(m, &tdb, m0, 0, 0);
+ if (error)
+ return error;
+ else if (*m0 == NULL)
+ return EFAULT;
+
+ m = *m0;
+
+#if NPF > 0
+ pf_pkt_addr_changed(m);
+#endif
+ return 0;
+}
+
+int in6_gif_input(struct mbuf **mp, int *offp, int proto)
+{
+ struct mbuf *m = *mp;
+ struct gif_softc *sc;
+ struct ifnet *gifp = NULL;
+ struct ip6_hdr *ip6;
+
+ /* XXX What if we run transport-mode IPsec to protect gif tunnel ? */
+ if (m->m_flags & (M_AUTH | M_CONF))
+ goto inject;
+
+ ip6 = mtod(m, struct ip6_hdr *);
+
+#define satoin6(sa) (satosin6(sa)->sin6_addr)
+ LIST_FOREACH(sc, &gif_softc_list, gif_list) {
+ if (sc->gif_psrc == NULL || sc->gif_pdst == NULL ||
+ sc->gif_psrc->sa_family != AF_INET6 ||
+ sc->gif_pdst->sa_family != AF_INET6) {
+ continue;
+ }
+
+ if ((sc->gif_if.if_flags & IFF_UP) == 0)
+ continue;
+
+ if (IN6_ARE_ADDR_EQUAL(&satoin6(sc->gif_psrc), &ip6->ip6_dst) &&
+ IN6_ARE_ADDR_EQUAL(&satoin6(sc->gif_pdst), &ip6->ip6_src)) {
+ gifp = &sc->gif_if;
+ break;
+ }
+ }
+
+ if (gifp) {
+ m->m_pkthdr.ph_ifidx = gifp->if_index;
+ gifp->if_ipackets++;
+ gifp->if_ibytes += m->m_pkthdr.len;
+ ipip_input(m, *offp, gifp, proto);
+ return IPPROTO_DONE;
+ }
+
+inject:
+ /* No GIF tunnel configured */
+ ip4_input6(&m, offp, proto);
+ return IPPROTO_DONE;
+}
+#endif /* INET6 */
diff --git a/sys/net/if_gif.h b/sys/net/if_gif.h
index 563fd70f1aa..8fe78602d01 100644
--- a/sys/net/if_gif.h
+++ b/sys/net/if_gif.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_gif.h,v 1.13 2015/07/17 18:05:59 mpi Exp $ */
+/* $OpenBSD: if_gif.h,v 1.14 2015/09/28 08:32:05 mpi Exp $ */
/* $KAME: if_gif.h,v 1.17 2000/09/11 11:36:41 sumikawa Exp $ */
/*
@@ -49,4 +49,7 @@ extern LIST_HEAD(gif_softc_head, gif_softc) gif_softc_list;
int gif_encap(struct ifnet *, struct mbuf **, sa_family_t);
+void in_gif_input(struct mbuf *, ...);
+int in6_gif_input(struct mbuf **, int *, int);
+
#endif /* _NET_IF_GIF_H_ */
diff --git a/sys/netinet/in_gif.c b/sys/netinet/in_gif.c
deleted file mode 100644
index cff79901692..00000000000
--- a/sys/netinet/in_gif.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* $OpenBSD: in_gif.c,v 1.46 2015/08/14 18:07:28 bluhm Exp $ */
-/* $KAME: in_gif.c,v 1.50 2001/01/22 07:27:16 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "pf.h"
-
-#include <sys/param.h>
-#include <sys/systm.h>
-#include <sys/socket.h>
-#include <sys/mbuf.h>
-
-#include <net/if.h>
-#include <net/if_var.h>
-#include <net/route.h>
-#include <net/if_gif.h>
-
-#include <netinet/in.h>
-#include <netinet/ip.h>
-#include <netinet/ip_var.h>
-#include <netinet/in_gif.h>
-#include <netinet/ip_ipsp.h>
-
-#include "gif.h"
-#include "bridge.h"
-#if NBRIDGE > 0 || defined(MPLS)
-#include <netinet/ip_ether.h>
-#endif
-
-#if NPF > 0
-#include <net/pfvar.h>
-#endif
-
-int
-in_gif_output(struct ifnet *ifp, int family, struct mbuf **m0)
-{
- struct gif_softc *sc = (struct gif_softc*)ifp;
- struct sockaddr_in *sin_src = satosin(sc->gif_psrc);
- struct sockaddr_in *sin_dst = satosin(sc->gif_pdst);
- struct tdb tdb;
- struct xformsw xfs;
- int error;
- struct mbuf *m = *m0;
-
- if (sin_src == NULL || sin_dst == NULL ||
- sin_src->sin_family != AF_INET ||
- sin_dst->sin_family != AF_INET) {
- m_freem(m);
- return EAFNOSUPPORT;
- }
-
-#ifdef DIAGNOSTIC
- if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.ph_rtableid)) {
- printf("%s: trying to send packet on wrong domain. "
- "if %d vs. mbuf %d, AF %d\n", ifp->if_xname,
- ifp->if_rdomain, rtable_l2(m->m_pkthdr.ph_rtableid),
- family);
- }
-#endif
-
- /* setup dummy tdb. it highly depends on ipip_output() code. */
- bzero(&tdb, sizeof(tdb));
- bzero(&xfs, sizeof(xfs));
- tdb.tdb_src.sin.sin_family = AF_INET;
- tdb.tdb_src.sin.sin_len = sizeof(struct sockaddr_in);
- tdb.tdb_src.sin.sin_addr = sin_src->sin_addr;
- tdb.tdb_dst.sin.sin_family = AF_INET;
- tdb.tdb_dst.sin.sin_len = sizeof(struct sockaddr_in);
- tdb.tdb_dst.sin.sin_addr = sin_dst->sin_addr;
- tdb.tdb_xform = &xfs;
- xfs.xf_type = -1; /* not XF_IP4 */
-
- switch (family) {
- case AF_INET:
- break;
-#ifdef INET6
- case AF_INET6:
- break;
-#endif
-#if NBRIDGE > 0
- case AF_LINK:
- break;
-#endif
-#if MPLS
- case AF_MPLS:
- break;
-#endif
- default:
-#ifdef DEBUG
- printf("in_gif_output: warning: unknown family %d passed\n",
- family);
-#endif
- m_freem(m);
- return EAFNOSUPPORT;
- }
-
- /* encapsulate into IPv4 packet */
- *m0 = NULL;
-#if NBRIDGE > 0
- if (family == AF_LINK)
- error = etherip_output(m, &tdb, m0, IPPROTO_ETHERIP);
- else
-#endif /* NBRIDGE */
-#ifdef MPLS
- if (family == AF_MPLS)
- error = etherip_output(m, &tdb, m0, IPPROTO_MPLS);
- else
-#endif
- error = ipip_output(m, &tdb, m0, 0, 0);
- if (error)
- return error;
- else if (*m0 == NULL)
- return EFAULT;
-
- m = *m0;
-
- m->m_pkthdr.ph_rtableid = sc->gif_rtableid;
-#if NPF > 0
- pf_pkt_addr_changed(m);
-#endif
- return 0;
-}
-
-void
-in_gif_input(struct mbuf *m, ...)
-{
- int off;
- struct gif_softc *sc;
- struct ifnet *gifp = NULL;
- struct ip *ip;
- va_list ap;
-
- va_start(ap, m);
- off = va_arg(ap, int);
- va_end(ap);
-
- /* IP-in-IP header is caused by tunnel mode, so skip gif lookup */
- if (m->m_flags & M_TUNNEL) {
- m->m_flags &= ~M_TUNNEL;
- goto inject;
- }
-
- ip = mtod(m, struct ip *);
-
- /* this code will be soon improved. */
- LIST_FOREACH(sc, &gif_softc_list, gif_list) {
- if (sc->gif_psrc == NULL || sc->gif_pdst == NULL ||
- sc->gif_psrc->sa_family != AF_INET ||
- sc->gif_pdst->sa_family != AF_INET ||
- rtable_l2(sc->gif_rtableid) !=
- rtable_l2(m->m_pkthdr.ph_rtableid)) {
- continue;
- }
-
- if ((sc->gif_if.if_flags & IFF_UP) == 0)
- continue;
-
- if (in_hosteq(satosin(sc->gif_psrc)->sin_addr, ip->ip_dst) &&
- in_hosteq(satosin(sc->gif_pdst)->sin_addr, ip->ip_src)) {
- gifp = &sc->gif_if;
- break;
- }
- }
-
- if (gifp) {
- m->m_pkthdr.ph_ifidx = gifp->if_index;
- m->m_pkthdr.ph_rtableid = gifp->if_rdomain;
- gifp->if_ipackets++;
- gifp->if_ibytes += m->m_pkthdr.len;
- /* We have a configured GIF */
- ipip_input(m, off, gifp, ip->ip_p);
- return;
- }
-
-inject:
- ip4_input(m, off); /* No GIF interface was configured */
- return;
-}
diff --git a/sys/netinet/in_gif.h b/sys/netinet/in_gif.h
deleted file mode 100644
index aa4b660a2b6..00000000000
--- a/sys/netinet/in_gif.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: in_gif.h,v 1.6 2010/05/11 09:36:07 claudio Exp $ */
-/* $KAME: in_gif.h,v 1.5 2000/04/14 08:36:02 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _NETINET_IN_GIF_H_
-#define _NETINET_IN_GIF_H_
-
-void in_gif_input(struct mbuf *, ...);
-int in_gif_output(struct ifnet *, int, struct mbuf **);
-
-#endif /*_NETINET_IN_GIF_H_*/
diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c
index d8dea422e47..8196ffd0d4a 100644
--- a/sys/netinet/in_proto.c
+++ b/sys/netinet/in_proto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in_proto.c,v 1.66 2015/09/04 08:43:39 mpi Exp $ */
+/* $OpenBSD: in_proto.c,v 1.67 2015/09/28 08:32:05 mpi Exp $ */
/* $NetBSD: in_proto.c,v 1.14 1996/02/18 18:58:32 christos Exp $ */
/*
@@ -134,7 +134,7 @@
#include "gif.h"
#if NGIF > 0
-#include <netinet/in_gif.h>
+#include <net/if_gif.h>
#endif
#ifdef INET6
diff --git a/sys/netinet6/in6_gif.c b/sys/netinet6/in6_gif.c
deleted file mode 100644
index 20f810ac128..00000000000
--- a/sys/netinet6/in6_gif.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/* $OpenBSD: in6_gif.c,v 1.40 2015/06/16 11:09:40 mpi Exp $ */
-/* $KAME: in6_gif.c,v 1.43 2001/01/22 07:27:17 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "pf.h"
-
-#include <sys/param.h>
-#include <sys/systm.h>
-#include <sys/socket.h>
-#include <sys/sockio.h>
-#include <sys/mbuf.h>
-#include <sys/errno.h>
-#include <sys/ioctl.h>
-#include <sys/protosw.h>
-
-#include <net/if.h>
-#include <net/if_var.h>
-
-#include <netinet/in.h>
-#include <netinet/ip_ipsp.h>
-
-#if NPF > 0
-#include <net/pfvar.h>
-#endif
-
-#include <netinet/ip6.h>
-#include <netinet6/ip6_var.h>
-#include <netinet6/in6_gif.h>
-
-#include <netinet/ip_ecn.h>
-
-#include <net/if_gif.h>
-
-#include "bridge.h"
-#if NBRIDGE > 0 || defined(MPLS)
-#include <netinet/ip_ether.h>
-#endif
-
-/*
- * family - family of the packet to be encapsulate.
- */
-int
-in6_gif_output(struct ifnet *ifp, int family, struct mbuf **m0)
-{
- struct gif_softc *sc = (struct gif_softc*)ifp;
- struct sockaddr_in6 *sin6_src = satosin6(sc->gif_psrc);
- struct sockaddr_in6 *sin6_dst = satosin6(sc->gif_pdst);
- struct tdb tdb;
- struct xformsw xfs;
- int error;
- struct mbuf *m = *m0;
-
- if (sin6_src == NULL || sin6_dst == NULL ||
- sin6_src->sin6_family != AF_INET6 ||
- sin6_dst->sin6_family != AF_INET6) {
- m_freem(m);
- return EAFNOSUPPORT;
- }
-
- /* setup dummy tdb. it highly depends on ipip_output() code. */
- bzero(&tdb, sizeof(tdb));
- bzero(&xfs, sizeof(xfs));
- tdb.tdb_src.sin6.sin6_family = AF_INET6;
- tdb.tdb_src.sin6.sin6_len = sizeof(struct sockaddr_in6);
- tdb.tdb_src.sin6.sin6_addr = sin6_src->sin6_addr;
- tdb.tdb_dst.sin6.sin6_family = AF_INET6;
- tdb.tdb_dst.sin6.sin6_len = sizeof(struct sockaddr_in6);
- tdb.tdb_dst.sin6.sin6_addr = sin6_dst->sin6_addr;
- tdb.tdb_xform = &xfs;
- xfs.xf_type = -1; /* not XF_IP4 */
-
- switch (family) {
- case AF_INET:
- break;
-#ifdef INET6
- case AF_INET6:
- break;
-#endif
-#if NBRIDGE > 0
- case AF_LINK:
- break;
-#endif
-#ifdef MPLS
- case AF_MPLS:
- break;
-#endif
- default:
-#ifdef DEBUG
- printf("in6_gif_output: warning: unknown family %d passed\n",
- family);
-#endif
- m_freem(m);
- return EAFNOSUPPORT;
- }
-
- /* encapsulate into IPv6 packet */
- *m0 = NULL;
-#if NBRIDGE > 0
- if (family == AF_LINK)
- error = etherip_output(m, &tdb, m0, IPPROTO_ETHERIP);
- else
-#endif /* NBRIDGE */
-#if MPLS
- if (family == AF_MPLS)
- error = etherip_output(m, &tdb, m0, IPPROTO_MPLS);
- else
-#endif
- error = ipip_output(m, &tdb, m0, 0, 0);
- if (error)
- return error;
- else if (*m0 == NULL)
- return EFAULT;
-
- m = *m0;
-
-#if NPF > 0
- pf_pkt_addr_changed(m);
-#endif
- return 0;
-}
-
-int in6_gif_input(struct mbuf **mp, int *offp, int proto)
-{
- struct mbuf *m = *mp;
- struct gif_softc *sc;
- struct ifnet *gifp = NULL;
- struct ip6_hdr *ip6;
-
- /* XXX What if we run transport-mode IPsec to protect gif tunnel ? */
- if (m->m_flags & (M_AUTH | M_CONF))
- goto inject;
-
- ip6 = mtod(m, struct ip6_hdr *);
-
-#define satoin6(sa) (satosin6(sa)->sin6_addr)
- LIST_FOREACH(sc, &gif_softc_list, gif_list) {
- if (sc->gif_psrc == NULL || sc->gif_pdst == NULL ||
- sc->gif_psrc->sa_family != AF_INET6 ||
- sc->gif_pdst->sa_family != AF_INET6) {
- continue;
- }
-
- if ((sc->gif_if.if_flags & IFF_UP) == 0)
- continue;
-
- if (IN6_ARE_ADDR_EQUAL(&satoin6(sc->gif_psrc), &ip6->ip6_dst) &&
- IN6_ARE_ADDR_EQUAL(&satoin6(sc->gif_pdst), &ip6->ip6_src)) {
- gifp = &sc->gif_if;
- break;
- }
- }
-
- if (gifp) {
- m->m_pkthdr.ph_ifidx = gifp->if_index;
- gifp->if_ipackets++;
- gifp->if_ibytes += m->m_pkthdr.len;
- ipip_input(m, *offp, gifp, proto);
- return IPPROTO_DONE;
- }
-
-inject:
- /* No GIF tunnel configured */
- ip4_input6(&m, offp, proto);
- return IPPROTO_DONE;
-}
diff --git a/sys/netinet6/in6_gif.h b/sys/netinet6/in6_gif.h
deleted file mode 100644
index 62713f69120..00000000000
--- a/sys/netinet6/in6_gif.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: in6_gif.h,v 1.6 2010/05/11 09:36:07 claudio Exp $ */
-/* $KAME: in6_gif.h,v 1.5 2000/04/14 08:36:03 itojun Exp $ */
-
-/*
- * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef _NETINET6_IN6_GIF_H_
-#define _NETINET6_IN6_GIF_H_
-
-int in6_gif_output(struct ifnet *, int, struct mbuf **);
-int in6_gif_input(struct mbuf **, int *, int);
-
-#endif /*_NETINET6_IN6_GIF_H_*/
diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c
index 3c29cdeb568..ecf704ffdd3 100644
--- a/sys/netinet6/in6_proto.c
+++ b/sys/netinet6/in6_proto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in6_proto.c,v 1.80 2015/09/04 08:43:39 mpi Exp $ */
+/* $OpenBSD: in6_proto.c,v 1.81 2015/09/28 08:32:05 mpi Exp $ */
/* $KAME: in6_proto.c,v 1.66 2000/10/10 15:35:47 itojun Exp $ */
/*
@@ -102,7 +102,7 @@
#include "gif.h"
#if NGIF > 0
#include <netinet/ip_ether.h>
-#include <netinet6/in6_gif.h>
+#include <net/if_gif.h>
#endif
#include "carp.h"