[PATCH 7/7] netlink: abolish check_config and output_config

Ian Jackson ijackson at chiark.greenend.org.uk
Thu Jun 14 01:38:37 BST 2012


Apparently, a long time ago, MSG5 and MSG6 used to contain some
netlink configuration data, which the receiver of the MSG5 or MSG6
would check.

However, for a long time now the output_config function has been a
no-op and the check function has unconditionally eaten and discarded
anything extra in the message.

Furthermore, because the MSG6 is not retransmitted, this mechanism
couldn't be reliable without a protocol change.  So the existing
interface is defective.

So, abolish it the interface, the dummy implementation, and all the
call sites.  The check_config call sites in site.c now instead
directly discard any unexpected data at the end of MSG5 and MSG6.

This patch should cause no behavioural change in actual operation.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
 netlink.c |   23 -----------------------
 secnet.h  |    2 --
 site.c    |   16 ++++------------
 3 files changed, 4 insertions(+), 37 deletions(-)

diff --git a/netlink.c b/netlink.c
index 559821d..fdad4ff 100644
--- a/netlink.c
+++ b/netlink.c
@@ -803,27 +803,6 @@ static void netlink_signal_handler(void *sst, int signum)
     netlink_dump_routes(st,True);
 }
 
-static void netlink_inst_output_config(void *sst, struct buffer_if *buf)
-{
-/*    struct netlink_client *c=sst; */
-/*    struct netlink *st=c->nst; */
-
-    /* For now we don't output anything */
-    BUF_ASSERT_USED(buf);
-}
-
-static bool_t netlink_inst_check_config(void *sst, struct buffer_if *buf)
-{
-/*    struct netlink_client *c=sst; */
-/*    struct netlink *st=c->nst; */
-
-    BUF_ASSERT_USED(buf);
-    /* We need to eat all of the configuration information from the buffer
-       for backward compatibility. */
-    buf->size=0;
-    return True;
-}
-
 static void netlink_inst_set_mtu(void *sst, int32_t new_mtu)
 {
     struct netlink_client *c=sst;
@@ -910,8 +889,6 @@ static closure_t *netlink_inst_create(struct netlink *st,
     c->ops.reg=netlink_inst_reg;
     c->ops.deliver=netlink_inst_incoming;
     c->ops.set_quality=netlink_set_quality;
-    c->ops.output_config=netlink_inst_output_config;
-    c->ops.check_config=netlink_inst_check_config;
     c->ops.set_mtu=netlink_inst_set_mtu;
     c->nst=st;
 
diff --git a/secnet.h b/secnet.h
index 06beb05..937ee9c 100644
--- a/secnet.h
+++ b/secnet.h
@@ -437,8 +437,6 @@ struct netlink_if {
     netlink_register_fn *reg;
     netlink_deliver_fn *deliver;
     netlink_link_quality_fn *set_quality;
-    netlink_output_config_fn *output_config;
-    netlink_check_config_fn *check_config;
     netlink_set_mtu_fn *set_mtu;
 };
 
diff --git a/site.c b/site.c
index b54b34e..233afe8 100644
--- a/site.c
+++ b/site.c
@@ -628,7 +628,6 @@ static bool_t generate_msg5(struct site *st)
     buffer_init(&st->buffer,st->transform->max_start_pad+(4*4));
     /* Give the netlink code an opportunity to put its own stuff in the
        message (configuration information, etc.) */
-    st->netlink->output_config(st->netlink->st,&st->buffer);
     buf_prepend_uint32(&st->buffer,LABEL_MSG5);
     st->new_transform->forwards(st->new_transform->st,&st->buffer,
 				&transform_err);
@@ -660,11 +659,8 @@ static bool_t process_msg5(struct site *st, struct buffer_if *msg5,
 	slog(st,LOG_SEC,"MSG5/PING packet contained wrong label");
 	return False;
     }
-    if (!st->netlink->check_config(st->netlink->st,msg5)) {
-	slog(st,LOG_SEC,"MSG5/PING packet contained bad netlink config");
-	return False;
-    }
-    CHECK_EMPTY(msg5);
+    /* Older versions of secnet used to write some config data here
+     * which we ignore.  So we don't CHECK_EMPTY */
     return True;
 }
 
@@ -677,7 +673,6 @@ static bool_t generate_msg6(struct site *st)
     buffer_init(&st->buffer,st->transform->max_start_pad+(4*4));
     /* Give the netlink code an opportunity to put its own stuff in the
        message (configuration information, etc.) */
-    st->netlink->output_config(st->netlink->st,&st->buffer);
     buf_prepend_uint32(&st->buffer,LABEL_MSG6);
     st->new_transform->forwards(st->new_transform->st,&st->buffer,
 				&transform_err);
@@ -709,11 +704,8 @@ static bool_t process_msg6(struct site *st, struct buffer_if *msg6,
 	slog(st,LOG_SEC,"MSG6/PONG packet contained invalid data");
 	return False;
     }
-    if (!st->netlink->check_config(st->netlink->st,msg6)) {
-	slog(st,LOG_SEC,"MSG6/PONG packet contained bad netlink config");
-	return False;
-    }
-    CHECK_EMPTY(msg6);
+    /* Older versions of secnet used to write some config data here
+     * which we ignore.  So we don't CHECK_EMPTY */
     return True;
 }
 
-- 
1.7.2.5




More information about the sgo-software-discuss mailing list