current-users: kernel with FAST_IPSEC fails to compile

Subject: kernel with FAST_IPSEC fails to compile
To: None <current-users@netbsd.org>
From: Jukka Salmi <j+nbsd@2005.salmi.ch>
List: current-users
Date: 06/10/2005 10:05:01
--FL5UXtIhxfXey3p5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hi,

I just tried to compile a kernel with FAST_IPSEC and failed in various
places because of problems detected by the -Wwrite-strings and -Wshadow
compiler options. The attached patch seems to fix these problem. Is it
considered to be correct?


Cheers, Jukka

-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~

--FL5UXtIhxfXey3p5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="fast_ipsec.patch"

--- src/sys/netipsec/ipsec.c.orig	2005-06-10 09:30:23.000000000 +0200
+++ src/sys/netipsec/ipsec.c	2005-06-10 01:36:18.000000000 +0200
@@ -2093,7 +2093,7 @@
 #endif /* INET6 */
 
 	default:
-		return "(unknown address family)";
+		return __UNCONST("(unknown address family)");
 	}
 }
 
--- src/sys/netipsec/xform_ah.c.orig	2005-06-10 09:30:25.000000000 +0200
+++ src/sys/netipsec/xform_ah.c	2005-06-10 01:37:07.000000000 +0200
@@ -1264,7 +1264,7 @@
 }
 
 static struct xformsw ah_xformsw = {
-	XF_AH,		XFT_AUTH,	"IPsec AH",
+	XF_AH,		XFT_AUTH,	__UNCONST("IPsec AH"),
 	ah_init,	ah_zeroize,	ah_input,	ah_output,
 };
 
--- src/sys/netipsec/xform_esp.c.orig	2005-06-10 09:30:25.000000000 +0200
+++ src/sys/netipsec/xform_esp.c	2005-06-10 01:37:38.000000000 +0200
@@ -949,7 +949,7 @@
 }
 
 static struct xformsw esp_xformsw = {
-	XF_ESP,		XFT_CONF|XFT_AUTH,	"IPsec ESP",
+	XF_ESP,		XFT_CONF|XFT_AUTH,	__UNCONST("IPsec ESP"),
 	esp_init,	esp_zeroize,		esp_input,
 	esp_output
 };
--- src/sys/netipsec/xform_ipcomp.c.orig	2005-06-10 09:30:25.000000000 +0200
+++ src/sys/netipsec/xform_ipcomp.c	2005-06-10 01:38:14.000000000 +0200
@@ -600,7 +600,7 @@
 }
 
 static struct xformsw ipcomp_xformsw = {
-	XF_IPCOMP,		XFT_COMP,		"IPcomp",
+	XF_IPCOMP,		XFT_COMP,		__UNCONST("IPcomp"),
 	ipcomp_init,		ipcomp_zeroize,		ipcomp_input,
 	ipcomp_output
 };
--- src/sys/netipsec/xform_ipip.c.orig	2005-06-10 09:30:25.000000000 +0200
+++ src/sys/netipsec/xform_ipip.c	2005-06-10 01:38:47.000000000 +0200
@@ -676,7 +676,7 @@
 }
 
 static struct xformsw ipe4_xformsw = {
-	XF_IP4,		0,		"IPv4 Simple Encapsulation",
+	XF_IP4,		0,		__UNCONST("IPv4 Simple Encapsulation"),
 	ipe4_init,	ipe4_zeroize,	ipe4_input,	ipip_output,
 };
 
--- src/sys/netipsec/key.c.orig	2005-06-10 09:30:24.000000000 +0200
+++ src/sys/netipsec/key.c	2005-06-10 01:44:21.000000000 +0200
@@ -4802,37 +4802,37 @@
 	struct secasindex *saidx;
 {
 	u_int32_t newspi;
-	u_int32_t min, max;
+	u_int32_t spmin, spmax;
 	int count = key_spi_trycnt;
 
 	/* set spi range to allocate */
 	if (spirange != NULL) {
-		min = spirange->sadb_spirange_min;
-		max = spirange->sadb_spirange_max;
+		spmin = spirange->sadb_spirange_min;
+		spmax = spirange->sadb_spirange_max;
 	} else {
-		min = key_spi_minval;
-		max = key_spi_maxval;
+		spmin = key_spi_minval;
+		spmax = key_spi_maxval;
 	}
 	/* IPCOMP needs 2-byte SPI */
 	if (saidx->proto == IPPROTO_IPCOMP) {
 		u_int32_t t;
-		if (min >= 0x10000)
-			min = 0xffff;
-		if (max >= 0x10000)
-			max = 0xffff;
-		if (min > max) {
-			t = min; min = max; max = t;
+		if (spmin >= 0x10000)
+			spmin = 0xffff;
+		if (spmax >= 0x10000)
+			spmax = 0xffff;
+		if (spmin > spmax) {
+			t = spmin; spmin = spmax; spmax = t;
 		}
 	}
 
-	if (min == max) {
-		if (key_checkspidup(saidx, min) != NULL) {
-			ipseclog((LOG_DEBUG, "key_do_getnewspi: SPI %u exists already.\n", min));
+	if (spmin == spmax) {
+		if (key_checkspidup(saidx, spmin) != NULL) {
+			ipseclog((LOG_DEBUG, "key_do_getnewspi: SPI %u exists already.\n", spmin));
 			return 0;
 		}
 
 		count--; /* taking one cost. */
-		newspi = min;
+		newspi = spmin;
 
 	} else {
 
@@ -4842,7 +4842,7 @@
 		/* when requesting to allocate spi ranged */
 		while (count--) {
 			/* generate pseudo-random SPI value ranged. */
-			newspi = min + (key_random() % (max - min + 1));
+			newspi = spmin + (key_random() % (spmax - spmin + 1));
 
 			if (key_checkspidup(saidx, newspi) == NULL)
 				break;
@@ -5671,19 +5671,19 @@
 key_getsizes_ah(
 	const struct auth_hash *ah,
 	int alg,
-	u_int16_t* min,
-	u_int16_t* max)
+	u_int16_t* ksmin,
+	u_int16_t* ksmax)
 {
-	*min = *max = ah->keysize;
+	*ksmin = *ksmax = ah->keysize;
 	if (ah->keysize == 0) {
 		/*
 		 * Transform takes arbitrary key size but algorithm
 		 * key size is restricted.  Enforce this here.
 		 */
 		switch (alg) {
-		case SADB_X_AALG_MD5:	*min = *max = 16; break;
-		case SADB_X_AALG_SHA:	*min = *max = 20; break;
-		case SADB_X_AALG_NULL:	*min = 1; *max = 256; break;
+		case SADB_X_AALG_MD5:	*ksmin = *ksmax = 16; break;
+		case SADB_X_AALG_SHA:	*ksmin = *ksmax = 20; break;
+		case SADB_X_AALG_NULL:	*ksmin = 1; *ksmax = 256; break;
 		default:
 			DPRINTF(("key_getsizes_ah: unknown AH algorithm %u\n",
 				alg));

--FL5UXtIhxfXey3p5--