tech-net archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: RFC: ipsec(4) pseudo interface
Hi,
On 2017/12/23 9:05, Christos Zoulas wrote:
> In article <e5721d0b-1b44-612e-a23c-ca5e2af5228a%iij.ad.jp@localhost>,
> Kengo NAKAHARA <k-nakahara%iij.ad.jp@localhost> wrote:
>> Hi,
>>
>> Thank you for your reviewing.
>
>
> Thanks for fixing; more nit-picking:
> 1. there is a variable called err instead of error why (all the rest
> are called error)?
Oh, good catch. I fix it(ipsecif4_fragout()).
> 2. I prefer fewer lines of code, fewer variables for all the copies
> of those similar functions, like:
>
> +static int
> +if_ipsec_encap_detach(struct ipsec_variant *var)
> +{
> +
> + KASSERT(var != NULL);
> + KASSERT(if_ipsec_variant_is_configured(var));
> +
> + switch (var->iv_psrc->sa_family) {
> +#ifdef INET
> + case AF_INET:
> + return ipsecif4_detach(var);
> +#endif /* INET */
> +#ifdef INET6
> + case AF_INET6:
> + return ipsecif6_detach(var);
> + break;
> +#endif /* INET6 */
> + default:
> + return EINVAL;
> + }
> +}
Exactly. I fix the following duplications.
+ if_ipsec_encap_attach() and if_ipsec_encap_detach()
+ if_ipsec_gather_addr_port() and if_ipsec_set_addr_port()
- remove if_ipsec_gather_addr_port()
+ sa_len checking in if_ipsec_ioctl()
- functionize it as if_ipsec_check_salen()
Here is the updated patch series and unified patch.
- https://www.netbsd.org/~knakahara/if_ipsec/if_ipsec4.tgz
- https://www.netbsd.org/~knakahara/if_ipsec/if_ipsec4-unified.patch
Thanks,
--
//////////////////////////////////////////////////////////////////////
Internet Initiative Japan Inc.
Device Engineering Section,
IoT Platform Development Department,
Network Division,
Technology Unit
Kengo NAKAHARA <k-nakahara%iij.ad.jp@localhost>
Home |
Main Index |
Thread Index |
Old Index