Skip to content

Commit

Permalink
pf: simplify pf_addrcpy() and pf_match_addr()
Browse files Browse the repository at this point in the history 
Use the v4/v6 union members rather than the uint32_t ones.
Export IN_ARE_MASKED_ADDR_EQUAL() in in_var.h and use it (and its IPv6
equivalent) for masked comparisons rather than hand-rolled code.

Event:		Kitchener-Waterloo Hackathon 202406
  • Loading branch information
@kprovost
kprovost committed Jun 6, 2024
1 parent f082982 commit 8f04209
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 18 deletions.
3 changes: 0 additions & 3 deletions sys/netinet/in.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1473,9 +1473,6 @@ in_lltable_new(struct in_addr addr4, u_int flags)
return (&lle->base);
}

#define IN_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \
((((d).s_addr ^ (a).s_addr) & (m).s_addr)) == 0 )

static int
in_lltable_match_prefix(const struct sockaddr *saddr,
const struct sockaddr *smask, u_int flags, struct llentry *lle)
Expand Down
5 changes: 5 additions & 0 deletions sys/netinet/in_var.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,11 @@ struct in_ifaddr {
#define IN_LNAOF(in, ifa) \
((ntohl((in).s_addr) & ~((struct in_ifaddr *)(ifa)->ia_subnetmask))

#ifdef _KERNEL
#define IN_ARE_MASKED_ADDR_EQUAL(d, a, m) ( \
((((d).s_addr ^ (a).s_addr) & (m).s_addr)) == 0 )
#endif

#define LLTABLE(ifp) \
((struct in_ifinfo *)(ifp)->if_afdata[AF_INET])->ii_llt
/*
Expand Down
19 changes: 4 additions & 15 deletions sys/netpfil/pf/pf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -723,14 +723,11 @@ pf_addrcpy(struct pf_addr *dst, struct pf_addr *src, sa_family_t af)
switch (af) {
#ifdef INET
case AF_INET:
dst->addr32[0] = src->addr32[0];
memcpy(&dst->v4, &src->v4, sizeof(dst->v4));
break;
#endif /* INET */
case AF_INET6:
dst->addr32[0] = src->addr32[0];
dst->addr32[1] = src->addr32[1];
dst->addr32[2] = src->addr32[2];
dst->addr32[3] = src->addr32[3];
memcpy(&dst->v6, &src->v6, sizeof(dst->v6));
break;
}
}
Expand Down Expand Up @@ -3408,21 +3405,13 @@ pf_match_addr(u_int8_t n, struct pf_addr *a, struct pf_addr *m,
switch (af) {
#ifdef INET
case AF_INET:
if ((a->addr32[0] & m->addr32[0]) ==
(b->addr32[0] & m->addr32[0]))
if (IN_ARE_MASKED_ADDR_EQUAL(a->v4, b->v4, m->v4))
match++;
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
if (((a->addr32[0] & m->addr32[0]) ==
(b->addr32[0] & m->addr32[0])) &&
((a->addr32[1] & m->addr32[1]) ==
(b->addr32[1] & m->addr32[1])) &&
((a->addr32[2] & m->addr32[2]) ==
(b->addr32[2] & m->addr32[2])) &&
((a->addr32[3] & m->addr32[3]) ==
(b->addr32[3] & m->addr32[3])))
if (IN6_ARE_MASKED_ADDR_EQUAL(&a->v6, &b->v6, &m->v6))
match++;
break;
#endif /* INET6 */
Expand Down

0 comments on commit 8f04209

Please sign in to comment.