[Openswan dev] on the road to 2.4.10 -- fixing some compiler diagnostics
D. Hugh Redelmeier
hugh at mimosa.com
Tue Oct 30 03:47:58 EDT 2007
We get a bunch of warnings when compiling the current CVS version of
Openswan 2.4.10-to-be. Enclosed please find a bunch of patches to
improve this situation.
UNTESTED!
In ipsec_kversion.h:
The SKB_TAIL_POINTER #define is awkward and I've eliminated it.
I indented the conditionally defined macros to make the structure more
readable.
I added a backport definition for define skb_end_pointer because it
was needed several places.
I put parentheses around bodies of function-like macros that didn't
have them -- good style.
In addrtot.c:
I added a function prototype to quiet GCC.
In ipcomp.c:
I used skb_tail_pointer and skb_end_pointer where they were needed.
In ipsec_rcv.c:
I used skb_tail_pointer where it was needed.
I moved the definition of buff[] inside the conditional compilation
where it was used. More efficient and it quiets GCC.
In ipsec_xmit.c:
I eliminated the use of SKB_TAIL_POINTER and added a cast needed to
make an expression legitimate.
In pfkey_v2.c:
I used skb_tail_pointer and skb_end_pointer where they were needed.
In pfkey_v2_parser.c:
Added a redundant #ifdef to shut up GCC.
In sysctl_net_ipsec.c:
The kernel has changed the layout of ctl_table (defined in
linux/sysctl.h). Unfortunately, a new field has been inserted before
the last one we wish to initialize in ipsec_table.
The easiest fix that works with old and new kernels is to use an
initializer that explicitly says which field is being initialized.
Paul: all these changes are in the tree you gave me on your machine.
As you see, each changed file has a corresponding .ORIG file with the
starting point. Good luck!
[dhr at bofh openswan-2]$ for i in linux/include/openswan/*.ORIG linux/net/ipsec/*.ORIG ; do diff -u $i `echo $i | sed -e 's/\.ORIG$//'` ; done
--- linux/include/openswan/ipsec_kversion.h.ORIG 2007-10-27 20:26:03.000000000 -0400
+++ linux/include/openswan/ipsec_kversion.h 2007-10-30 03:07:29.000000000 -0400
@@ -154,21 +154,22 @@
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
/* need to include ip.h early, no longer pick it up in skbuff.h */
#include <linux/ip.h>
-#define HAVE_KERNEL_TSTAMP
-#define SKB_TAIL_POINTER
+# define HAVE_KERNEL_TSTAMP
#else
/* internals of struct skbuff changed */
-#define HAVE_DEV_NEXT
-#define ip_hdr(skb) (skb)->nh.iph
-#define skb_network_header(skb) (skb)->nh.raw
-#define skb_set_network_header(skb,off) ((skb)->nh.raw = (skb)->data + (off))
-#define tcp_hdr(skb) (skb)->h.th
-#define udp_hdr(skb) (skb)->h.uh
-#define skb_transport_header(skb) (skb)->h.raw
-#define skb_set_transport_header(skb,off) ((skb)->h.raw = (skb)->data + (off))
-#define skb_mac_header(skb) (skb)->mac.raw
-#define skb_set_mac_header(skb,off) ((skb)->mac.raw = (skb)->data + (off))
-#define ktime_to_timeval(ts) (ts)
+# define HAVE_DEV_NEXT
+# define ip_hdr(skb) ((skb)->nh.iph)
+# define skb_tail_pointer(skb) ((skb)->tail)
+# define skb_end_pointer(skb) ((skb)->end)
+# define skb_network_header(skb) ((skb)->nh.raw)
+# define skb_set_network_header(skb,off) ((skb)->nh.raw = (skb)->data + (off))
+# define tcp_hdr(skb) ((skb)->h.th)
+# define udp_hdr(skb) ((skb)->h.uh)
+# define skb_transport_header(skb) ((skb)->h.raw)
+# define skb_set_transport_header(skb,off) ((skb)->h.raw = (skb)->data + (off))
+# define skb_mac_header(skb) ((skb)->mac.raw)
+# define skb_set_mac_header(skb,off) ((skb)->mac.raw = (skb)->data + (off))
+# define ktime_to_timeval(ts) (ts)
#endif
/* turn a pointer into an offset for above macros */
#define ipsec_skb_offset(skb, ptr) (((unsigned char *)(ptr)) - (skb)->data)
--- linux/net/ipsec/addrtot.c.ORIG 2005-11-28 23:10:40.000000000 -0500
+++ linux/net/ipsec/addrtot.c 2007-10-30 03:11:52.000000000 -0400
@@ -37,6 +37,8 @@
* Find the first occurrence of find in s.
* (from NetBSD 1.6's /src/lib/libc/string/strstr.c)
*/
+static char *strstr(const char *s, const char *find);
+
static char *
strstr(s, find)
const char *s, *find;
--- linux/net/ipsec/ipcomp.c.ORIG 2007-09-04 23:18:21.000000000 -0400
+++ linux/net/ipsec/ipcomp.c 2007-10-30 03:15:56.000000000 -0400
@@ -99,7 +99,7 @@
ptr = skb_put(skb, extend);
} else {
// shrink the size of the packet
- ptr = skb->tail;
+ ptr = skb_tail_pointer(skb);
skb_trim (skb, skb->len + extend);
}
@@ -605,7 +605,7 @@
if (!iph) return NULL;
iphlen = iph->ihl << 2;
- n=alloc_skb(skb->end - skb->head + data_growth, gfp_mask);
+ n=alloc_skb(skb_end_pointer(skb) - skb->head + data_growth, gfp_mask);
if(n==NULL)
return NULL;
--- linux/net/ipsec/ipsec_rcv.c.ORIG 2007-10-27 20:19:59.000000000 -0400
+++ linux/net/ipsec/ipsec_rcv.c 2007-10-30 02:20:43.000000000 -0400
@@ -875,7 +875,7 @@
*/
__u32 natt_oa = ipsp->ips_natt_oa ?
((struct sockaddr_in*)(ipsp->ips_natt_oa))->sin_addr.s_addr : 0;
- __u16 pkt_len = skb->tail - (unsigned char *)ipp;
+ __u16 pkt_len = skb_tail_pointer(skb) - (unsigned char *)ipp;
__u16 data_len = pkt_len - (ipp->ihl << 2);
switch (ipp->protocol) {
@@ -919,7 +919,6 @@
"NAT-T & TRANSPORT: UDP checksum already 0\n");
}
else if (natt_oa) {
- __u32 buff[2] = { ~natt_oa, ipp->saddr };
KLIPS_PRINT(debug_rcv,
"klips_debug:ipsec_rcv: "
"NAT-T & TRANSPORT: "
@@ -931,9 +930,13 @@
"NAT-T & TRANSPORT: "
"UDP checksum using NAT-OA disabled at compile time\n");
#else
- udp->check = csum_fold(
- csum_partial((unsigned char *)buff, sizeof(buff),
- udp->check^0xffff));
+ {
+ __u32 buff[2] = { ~natt_oa, ipp->saddr };
+
+ udp->check = csum_fold(
+ csum_partial((unsigned char *)buff, sizeof(buff),
+ udp->check^0xffff));
+ }
#endif
}
else {
--- linux/net/ipsec/ipsec_xmit.c.ORIG 2007-10-27 20:26:03.000000000 -0400
+++ linux/net/ipsec/ipsec_xmit.c 2007-10-30 01:44:17.000000000 -0400
@@ -1551,12 +1551,7 @@
*/
__u32 natt_oa = ixs->ipsp->ips_natt_oa ?
((struct sockaddr_in*)(ixs->ipsp->ips_natt_oa))->sin_addr.s_addr : 0;
- /* Paul: breaks on 2.6.22+ on x86_64. do we need skb_tail_pointer() ? */
-#ifdef SKB_TAIL_POINTER
- unsigned int pkt_len = skb_tail_pointer(ixs->skb) - ixs->iph;
-#else
- __u16 pkt_len = ixs->skb->tail - ixs->iph;
-#endif
+ unsigned int pkt_len = skb_tail_pointer(ixs->skb) - (unsigned char *)ixs->iph;
__u16 data_len = pkt_len - (ixs->iph->ihl << 2);
switch (ixs->iph->protocol) {
case IPPROTO_TCP:
--- linux/net/ipsec/pfkey_v2.c.ORIG 2007-09-04 22:56:10.000000000 -0400
+++ linux/net/ipsec/pfkey_v2.c 2007-10-30 03:08:29.000000000 -0400
@@ -538,12 +538,12 @@
printk(" truesize:%d", skb->truesize);
printk(" head:0p%p", skb->head);
printk(" data:0p%p", skb->data);
- printk(" tail:0p%p", skb->tail);
- printk(" end:0p%p", skb->end);
+ printk(" tail:0p%p", skb_tail_pointer(skb));
+ printk(" end:0p%p", skb_end_pointer(skb));
if(sysctl_ipsec_debug_verbose) {
unsigned char* i;
printk(" data");
- for(i = skb->head; i < skb->end; i++) {
+ for(i = skb->head; i < skb_end_pointer(skb); i++) {
printk(":%2x", (unsigned char)(*(i)));
}
}
--- linux/net/ipsec/pfkey_v2_parser.c.ORIG 2007-09-04 22:56:10.000000000 -0400
+++ linux/net/ipsec/pfkey_v2_parser.c 2007-10-30 03:13:52.000000000 -0400
@@ -2471,11 +2471,13 @@
SENDERR(-error);
}
-#if KLIPS_PFKEY_ACQUIRE_LOSSAGE > 0
+#ifdef KLIPS_PFKEY_ACQUIRE_LOSSAGE
+# if KLIPS_PFKEY_ACQUIRE_LOSSAGE > 0
for i in linux/include/openswan/*.ORIG linux/net/ipsec/*.ORIG ; do diff -u $i `echo $i | sed -e 's/\.ORIG$//'` ; done if(sysctl_ipsec_regress_pfkey_lossage) {
return(0);
}
-#endif
+# endif
+#endif
/* this should go to all registered sockets for that satype only */
for(pfkey_socketsp = pfkey_registered_sockets[satype];
--- linux/net/ipsec/sysctl_net_ipsec.c.ORIG 2007-09-04 22:54:13.000000000 -0400
+++ linux/net/ipsec/sysctl_net_ipsec.c 2007-10-30 02:59:03.000000000 -0400
@@ -75,45 +75,45 @@
static ctl_table ipsec_table[] = {
#ifdef CONFIG_KLIPS_DEBUG
{ NET_IPSEC_DEBUG_AH, "debug_ah", &debug_ah,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_ESP, "debug_esp", &debug_esp,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_TUNNEL, "debug_tunnel", &debug_tunnel,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_EROUTE, "debug_eroute", &debug_eroute,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_SPI, "debug_spi", &debug_spi,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_RADIJ, "debug_radij", &debug_radij,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_NETLINK, "debug_netlink", &debug_netlink,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_XFORM, "debug_xform", &debug_xform,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_RCV, "debug_rcv", &debug_rcv,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_PFKEY, "debug_pfkey", &debug_pfkey,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_DEBUG_VERBOSE, "debug_verbose",&sysctl_ipsec_debug_verbose,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
#ifdef CONFIG_KLIPS_IPCOMP
{ NET_IPSEC_DEBUG_IPCOMP, "debug_ipcomp", &sysctl_ipsec_debug_ipcomp,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
#endif /* CONFIG_KLIPS_IPCOMP */
#ifdef CONFIG_KLIPS_REGRESS
{ NET_IPSEC_REGRESS_PFKEY_LOSSAGE, "pfkey_lossage",
&sysctl_ipsec_regress_pfkey_lossage,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
#endif /* CONFIG_KLIPS_REGRESS */
#endif /* CONFIG_KLIPS_DEBUG */
{ NET_IPSEC_ICMP, "icmp", &sysctl_ipsec_icmp,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_INBOUND_POLICY_CHECK, "inbound_policy_check", &sysctl_ipsec_inbound_policy_check,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{ NET_IPSEC_TOS, "tos", &sysctl_ipsec_tos,
- sizeof(int), 0644, NULL, &proc_dointvec},
+ sizeof(int), 0644, NULL, .proc_handler = &proc_dointvec},
{0}
};
[dhr at bofh openswan-2]$ #####################################################
More information about the Dev
mailing list