diff options
Diffstat (limited to 'sys/netinet/tcp_syncache.c')
| -rw-r--r-- | sys/netinet/tcp_syncache.c | 68 |
1 files changed, 34 insertions, 34 deletions
diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index 9c918a95e226..91252354bd98 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -105,7 +105,7 @@ static int tcp_syncookies = 1; SYSCTL_INT(_net_inet_tcp, OID_AUTO, syncookies, CTLFLAG_RW, - &tcp_syncookies, 0, + &tcp_syncookies, 0, "Use TCP SYN cookies if the syncache overflows"); static void syncache_drop(struct syncache *, struct syncache_head *); @@ -117,7 +117,7 @@ static int syncache_respond(struct syncache *, struct mbuf *, struct socket *); #else static int syncache_respond(struct syncache *, struct mbuf *); #endif -static struct socket *syncache_socket(struct syncache *, struct socket *, +static struct socket *syncache_socket(struct syncache *, struct socket *, struct mbuf *m); static void syncache_timer(void *); static u_int32_t syncookie_generate(struct syncache *, u_int32_t *); @@ -169,16 +169,16 @@ SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit, CTLFLAG_RW, static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache"); -#define SYNCACHE_HASH(inc, mask) \ +#define SYNCACHE_HASH(inc, mask) \ ((tcp_syncache.hash_secret ^ \ (inc)->inc_faddr.s_addr ^ \ - ((inc)->inc_faddr.s_addr >> 16) ^ \ + ((inc)->inc_faddr.s_addr >> 16) ^ \ (inc)->inc_fport ^ (inc)->inc_lport) & mask) -#define SYNCACHE_HASH6(inc, mask) \ +#define SYNCACHE_HASH6(inc, mask) \ ((tcp_syncache.hash_secret ^ \ - (inc)->inc6_faddr.s6_addr32[0] ^ \ - (inc)->inc6_faddr.s6_addr32[3] ^ \ + (inc)->inc6_faddr.s6_addr32[0] ^ \ + (inc)->inc6_faddr.s6_addr32[3] ^ \ (inc)->inc_fport ^ (inc)->inc_lport) & mask) #define ENDPTS_EQ(a, b) ( \ @@ -222,16 +222,16 @@ syncache_init(void) tcp_syncache.rexmt_limit = SYNCACHE_MAXREXMTS; tcp_syncache.hash_secret = arc4random(); - TUNABLE_INT_FETCH("net.inet.tcp.syncache.hashsize", + TUNABLE_INT_FETCH("net.inet.tcp.syncache.hashsize", &tcp_syncache.hashsize); - TUNABLE_INT_FETCH("net.inet.tcp.syncache.cachelimit", + TUNABLE_INT_FETCH("net.inet.tcp.syncache.cachelimit", &tcp_syncache.cache_limit); - TUNABLE_INT_FETCH("net.inet.tcp.syncache.bucketlimit", + TUNABLE_INT_FETCH("net.inet.tcp.syncache.bucketlimit", &tcp_syncache.bucket_limit); if (!powerof2(tcp_syncache.hashsize)) { - printf("WARNING: syncache hash size is not a power of 2.\n"); + printf("WARNING: syncache hash size is not a power of 2.\n"); tcp_syncache.hashsize = 512; /* safe default */ - } + } tcp_syncache.hashmask = tcp_syncache.hashsize - 1; /* Allocate the hash table. */ @@ -356,15 +356,15 @@ syncache_timer(xslot) struct inpcb *inp; INP_INFO_WLOCK(&tcbinfo); - if (callout_pending(&tcp_syncache.tt_timerq[slot]) || - !callout_active(&tcp_syncache.tt_timerq[slot])) { + if (callout_pending(&tcp_syncache.tt_timerq[slot]) || + !callout_active(&tcp_syncache.tt_timerq[slot])) { /* XXX can this happen? */ INP_INFO_WUNLOCK(&tcbinfo); - return; - } - callout_deactivate(&tcp_syncache.tt_timerq[slot]); + return; + } + callout_deactivate(&tcp_syncache.tt_timerq[slot]); - nsc = TAILQ_FIRST(&tcp_syncache.timerq[slot]); + nsc = TAILQ_FIRST(&tcp_syncache.timerq[slot]); while (nsc != NULL) { if (ticks < nsc->sc_rxttime) break; @@ -592,7 +592,7 @@ syncache_socket(sc, lso, m) #ifdef INET6 if (sc->sc_inc.inc_isipv6) inp->in6p_laddr = in6addr_any; - else + else #endif inp->inp_laddr.s_addr = INADDR_ANY; inp->inp_lport = 0; @@ -619,7 +619,7 @@ syncache_socket(sc, lso, m) * copied, since it stores previously received options and is * used to detect if each new option is different than the * previous one and hence should be passed to a user. - * If we copied in6p_inputopts, a user would not be able to + * If we copied in6p_inputopts, a user would not be able to * receive options just after calling the accept system call. */ inp->inp_flags |= oinp->inp_flags & INP_CONTROLOPTS; @@ -722,7 +722,7 @@ syncache_socket(sc, lso, m) * If the SYN,ACK was retransmitted, reset cwnd to 1 segment. */ if (sc->sc_rxtslot != 0) - tp->snd_cwnd = tp->t_maxseg; + tp->snd_cwnd = tp->t_maxseg; callout_reset(tp->tt_keep, tcp_keepinit, tcp_timer_keep, tp); INP_UNLOCK(inp); @@ -761,11 +761,11 @@ syncache_expand(inc, th, sop, m) sc = syncache_lookup(inc, &sch); if (sc == NULL) { /* - * There is no syncache entry, so see if this ACK is + * There is no syncache entry, so see if this ACK is * a returning syncookie. To do this, first: * A. See if this socket has had a syncache entry dropped in * the past. We don't want to accept a bogus syncookie - * if we've never received a SYN. + * if we've never received a SYN. * B. check that the syncookie is valid. If it is, then * cobble up a fake syncache entry, and return. */ @@ -888,7 +888,7 @@ syncache_add(inc, to, th, sop, m) TAILQ_REMOVE(&tcp_syncache.timerq[sc->sc_rxtslot], sc, sc_timerq); SYNCACHE_TIMEOUT(sc, sc->sc_rxtslot); - tcpstat.tcps_sndacks++; + tcpstat.tcps_sndacks++; tcpstat.tcps_sndtotal++; } *sop = NULL; @@ -899,7 +899,7 @@ syncache_add(inc, to, th, sop, m) if (sc == NULL) { /* * The zone allocator couldn't provide more entries. - * Treat this as if the cache was full; drop the oldest + * Treat this as if the cache was full; drop the oldest * entry and insert the new one. */ /* NB: guarded by INP_INFO_WLOCK(&tcbinfo) */ @@ -945,7 +945,7 @@ syncache_add(inc, to, th, sop, m) sc->sc_flowlabel = 0; if (tcp_syncookies) { sc->sc_iss = syncookie_generate(sc, &flowtmp); -#ifdef INET6 +#ifdef INET6 if (inc->inc_isipv6 && (sc->sc_tp->t_inpcb->in6p_flags & IN6P_AUTOFLOWLABEL)) { sc->sc_flowlabel = flowtmp & IPV6_FLOWLABEL_MASK; @@ -953,7 +953,7 @@ syncache_add(inc, to, th, sop, m) #endif } else { sc->sc_iss = arc4random(); -#ifdef INET6 +#ifdef INET6 if (inc->inc_isipv6 && (sc->sc_tp->t_inpcb->in6p_flags & IN6P_AUTOFLOWLABEL)) { sc->sc_flowlabel = @@ -1014,7 +1014,7 @@ syncache_add(inc, to, th, sop, m) sc->sc_flags = SCF_SIGNATURE; #endif - if (to->to_flags & TOF_SACK) + if (to->to_flags & TOF_SACK) sc->sc_flags |= SCF_SACK; /* @@ -1112,7 +1112,7 @@ syncache_respond(sc, m) hlen = #ifdef INET6 - (sc->sc_inc.inc_isipv6) ? sizeof(struct ip6_hdr) : + (sc->sc_inc.inc_isipv6) ? sizeof(struct ip6_hdr) : #endif sizeof(struct ip); @@ -1288,7 +1288,7 @@ syncache_respond(sc, m) } else #endif { - th->th_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr, + th->th_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr, htons(tlen - hlen + IPPROTO_TCP)); m->m_pkthdr.csum_flags = CSUM_TCP; m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum); @@ -1330,7 +1330,7 @@ syncache_respond(sc, m) #define SYNCOOKIE_NSECRETS (1 << SYNCOOKIE_WNDBITS) #define SYNCOOKIE_TIMEOUT \ (hz * (1 << SYNCOOKIE_WNDBITS) / (1 << SYNCOOKIE_TIMESHIFT)) -#define SYNCOOKIE_DATAMASK ((3 << SYNCOOKIE_WNDBITS) | SYNCOOKIE_WNDMASK) +#define SYNCOOKIE_DATAMASK ((3 << SYNCOOKIE_WNDBITS) | SYNCOOKIE_WNDMASK) static struct { u_int32_t ts_secbits[4]; @@ -1355,9 +1355,9 @@ CTASSERT(sizeof(struct md5_add) == 28); /* * Consider the problem of a recreated (and retransmitted) cookie. If the - * original SYN was accepted, the connection is established. The second - * SYN is inflight, and if it arrives with an ISN that falls within the - * receive window, the connection is killed. + * original SYN was accepted, the connection is established. The second + * SYN is inflight, and if it arrives with an ISN that falls within the + * receive window, the connection is killed. * * However, since cookies have other problems, this may not be worth * worrying about. |