- net.inet.ipsec.esp_auth hasn't been there

- nuke all debug printfs, which are unneeded by now. - get rid of #ifdef IPSEC_DEBUG in headers - now that key_debug_level is always defined, there's no need for #ifdef IPSEC_DEBUG around sysctl MIB code (net.key.debug). - switch all debug printf() to ipseclog(). Obtained from: KAME MFC after: 1 week
2001-11-05 16:46:24 +00:00 · 2001-11-05 16:46:24 +00:00 · 6bd8569386
commit 6bd8569386
parent 11bc0f4ff1
5 changed files with 224 additions and 527 deletions
--- a/sys/netkey/key.c
+++ b/sys/netkey/key.c
--- a/sys/netkey/key_debug.c
+++ b/sys/netkey/key_debug.c
@ -59,8 +59,6 @@
 #include <stdlib.h>
 #endif /* !_KERNEL */

-#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG))
-
 static void kdebug_sadb_prop __P((struct sadb_ext *));
 static void kdebug_sadb_identity __P((struct sadb_ext *));
 static void kdebug_sadb_supported __P((struct sadb_ext *));
@ -747,5 +745,3 @@ ipsec_hexdump(buf, len)

 	return;
 }
-
-#endif /* !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG)) */
--- a/sys/netkey/key_debug.h
+++ b/sys/netkey/key_debug.h
@ -1,5 +1,5 @@
 /*	$FreeBSD$	*/
-/*	$KAME: key_debug.h,v 1.7 2000/07/04 04:08:16 itojun Exp $	*/
+/*	$KAME: key_debug.h,v 1.10 2001/08/05 08:37:52 itojun Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -33,8 +33,7 @@
 #ifndef _NETKEY_KEY_DEBUG_H_
 #define _NETKEY_KEY_DEBUG_H_

-#if !defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG))
-
+#ifdef _KERNEL
 /* debug flags */
 #define KEYDEBUG_STAMP		0x00000001 /* path */
 #define KEYDEBUG_DATA		0x00000002 /* data */
@ -54,9 +53,9 @@
 #define KEYDEBUG_IPSEC_DATA	(KEYDEBUG_IPSEC | KEYDEBUG_DATA)
 #define KEYDEBUG_IPSEC_DUMP	(KEYDEBUG_IPSEC | KEYDEBUG_DUMP)

-#define KEYDEBUG(lev,arg) if ((key_debug_level & (lev)) == (lev)) { arg; }
+#define KEYDEBUG(lev,arg) \
+	do { if ((key_debug_level & (lev)) == (lev)) { arg; } } while (0)

-#ifdef _KERNEL
 extern u_int32_t key_debug_level;
 #endif /*_KERNEL*/

@ -86,10 +85,4 @@ extern void kdebug_sockaddr __P((struct sockaddr *));
 extern void ipsec_hexdump __P((caddr_t, int));
 extern void ipsec_bindump __P((caddr_t, int));

-#else
-
-#define KEYDEBUG(lev,arg)
-
-#endif /*!defined(_KERNEL) || (defined(_KERNEL) && defined(IPSEC_DEBUG))*/
-
 #endif /* _NETKEY_KEY_DEBUG_H_ */
--- a/sys/netkey/key_var.h
+++ b/sys/netkey/key_var.h
@ -1,5 +1,5 @@
 /*	$FreeBSD$	*/
-/*	$KAME: key_var.h,v 1.9 2000/10/04 11:13:57 itojun Exp $	*/
+/*	$KAME: key_var.h,v 1.10 2001/07/27 04:14:12 itojun Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -58,39 +58,10 @@
 	{ "blockacq_count", CTLTYPE_INT }, \
 	{ "blockacq_lifetime", CTLTYPE_INT }, \
 	{ "esp_keymin", CTLTYPE_INT }, \
+	{ "esp_auth", CTLTYPE_INT }, \
 	{ "ah_keymin", CTLTYPE_INT }, \
 }

-#ifdef IPSEC_DEBUG
-#define KEYCTL_VARS { \
-	0, \
-	&key_debug_level, \
-	&key_spi_trycnt, \
-	&key_spi_minval, \
-	&key_spi_maxval, \
-	&key_int_random, \
-	&key_larval_lifetime, \
-	&key_blockacq_count, \
-	&key_blockacq_lifetime, \
-	&ipsec_esp_keymin, \
-	&ipsec_ah_keymin, \
-}
-#else
-#define KEYCTL_VARS { \
-	0, \
-	0, \
-	&key_spi_trycnt, \
-	&key_spi_minval, \
-	&key_spi_maxval, \
-	&key_int_random, \
-	&key_larval_lifetime, \
-	&key_blockacq_count, \
-	&key_blockacq_lifetime, \
-	&ipsec_esp_keymin, \
-	&ipsec_ah_keymin, \
-}
-#endif
-
 #ifdef _KERNEL
 #define _ARRAYLEN(p) (sizeof(p)/sizeof(p[0]))
 #define _KEYLEN(key) ((u_int)((key)->sadb_key_bits >> 3))
--- a/sys/netkey/keysock.c
+++ b/sys/netkey/keysock.c
@ -1,5 +1,5 @@
 /*	$FreeBSD$	*/
-/*	$KAME: keysock.c,v 1.24 2000/12/03 00:41:48 itojun Exp $	*/
+/*	$KAME: keysock.c,v 1.25 2001/08/13 20:07:41 itojun Exp $	*/

 /*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -97,9 +97,6 @@ key_output(m, va_alist)

 	len = m->m_pkthdr.len;
 	if (len < sizeof(struct sadb_msg)) {
-#ifdef IPSEC_DEBUG
-		printf("key_output: Invalid message length.\n");
-#endif
 		pfkeystat.out_tooshort++;
 		error = EINVAL;
 		goto end;
@ -107,9 +104,6 @@ key_output(m, va_alist)

 	if (m->m_len < sizeof(struct sadb_msg)) {
 		if ((m = m_pullup(m, sizeof(struct sadb_msg))) == 0) {
-#ifdef IPSEC_DEBUG
-			printf("key_output: can't pullup mbuf\n");
-#endif
 			pfkeystat.out_nomem++;
 			error = ENOBUFS;
 			goto end;
@ -119,16 +113,11 @@ key_output(m, va_alist)
 	if ((m->m_flags & M_PKTHDR) == 0)
 		panic("key_output: not M_PKTHDR ??");

-#ifdef IPSEC_DEBUG
 	KEYDEBUG(KEYDEBUG_KEY_DUMP, kdebug_mbuf(m));
-#endif

 	msg = mtod(m, struct sadb_msg *);
 	pfkeystat.out_msgtype[msg->sadb_msg_type]++;
 	if (len != PFKEY_UNUNIT64(msg->sadb_msg_len)) {
-#ifdef IPSEC_DEBUG
-		printf("key_output: Invalid message length.\n");
-#endif
 		pfkeystat.out_invlen++;
 		error = EINVAL;
 		goto end;
@ -163,9 +152,6 @@ key_sendup0(rp, m, promisc)
 		if (m && m->m_len < sizeof(struct sadb_msg))
 			m = m_pullup(m, sizeof(struct sadb_msg));
 		if (!m) {
-#ifdef IPSEC_DEBUG
-			printf("key_sendup0: cannot pullup\n");
-#endif
 			pfkeystat.in_nomem++;
 			m_freem(m);
 			return ENOBUFS;
@ -184,9 +170,6 @@ key_sendup0(rp, m, promisc)

 	if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&key_src,
 	    m, NULL)) {
-#ifdef IPSEC_DEBUG
-		printf("key_sendup0: sbappendaddr failed\n");
-#endif
 		pfkeystat.in_nomem++;
 		m_freem(m);
 		error = ENOBUFS;
@ -366,9 +349,6 @@ key_sendup_mbuf(so, m, target)
 			continue;

 		if ((n = m_copy(m, 0, (int)M_COPYALL)) == NULL) {
-#ifdef IPSEC_DEBUG
-			printf("key_sendup: m_copy fail\n");
-#endif
 			m_freem(m);
 			pfkeystat.in_nomem++;
 			return ENOBUFS;
@ -438,7 +418,6 @@ key_attach(struct socket *so, int proto, struct thread *td)
 		free(kp, M_PCB);
 		so->so_pcb = (caddr_t) 0;
 		splx(s);
-		printf("key_usrreq: key_usrreq results %d\n", error);
 		return error;
 	}